ritter.vg
tech > code > Proofs of Concepts
Warning! This page used to be kept up to date but hadn't been for a number of years. Expect a lot of broken links ahead!
Here are a collection of proofs of concepts of ideas I've had. Again, you're free to use and improve upon them - if you do, please contact me!
Finding SQL Injection in a White-Box Environment
When we have access to the database, we can farm SQL Injection testing to untrained QA Analysts - they don't even need to know what SQL Injection is. This is can catch unusual code paths and is generally less expensive than a full code audit.
Authenticating Via Categorical Preferences
Let's get rid of "Secret Questions" alltogether. Let's present an attacker with a hundred questions, only 6 of which he should answer. But it will still authenticate you without making you spend a half-hour filling in radio buttons.
Page-Level Caching of Dynamic Content using Javascript
Using DOM manipulation, dynamically created iframe, and a cached flat-HTML file - we can more efficiently serve what were previously dynamically created content pages like forums and blogs.
Comments
Add a comment...
required
required, hidden, gravatared

required, markdown enabled (help)
you type:you see:
*italics*italics
**bold**bold
[stolen from reddit!](http://reddit.com)stolen from reddit!
* item 1
* item 2
* item 3
  • item 1
  • item 2
  • item 3
> quoted text
quoted text
Lines starting with four spaces
are treated like code:

    if 1 * 2 < 3:
        print "hello, world!"
Lines starting with four spaces
are treated like code:
if 1 * 2 < 3:
    print "hello, world!"