bypass – Mehmet INCE | Information Security

Bypassing Django-Defender IP Based Restriction

25/02/201524/02/2015 by mehmet ince

Hi there

Few minutes ago, I saw one of @PythonWeekly tweet. I love Django and community that supports with their open source modules such as Django-Defender thus I’ve decided to look at source code from security perspective.

What is Django-Defender ?

A simple Django reusable app that blocks people from brute forcing login attempts. The goal is to make this as fast as possible, so that we do not slow down the login attempts.

https://github.com/kencochrane/django-defender

HTML input Disabled attribute için XSS Bypass Yöntemi

17/02/2014 by mehmet ince

Merhaba

XSS zafiyetlerinden korunmak için Input Validation ve Output Encoding yöntemlerine özen gösterilmesi gerekmektedir. Bu güvenlik adımlarının uygulanmadığı yazılımlarda XSS zafiyeti olsa bile exploit edilemediği durumlar gelişebilir.