Web posts

  • Automating Templated JSON Fuzzing / Unit Testing

    JSON (JavaScript Object Notation) is a widely used lightweight data-interchange format. It is commonly used to share data between decoupled components / systems, store data persistently, and import / export data in / out of systems. Manually testing JSON structures can be cumbersome and prone to human error, especially in complex nested structures. This post presents a JSON parsing algorithm that automatically generates permutations of JSON structures, which can be used to automate unit testing / fuzzing activities.

  • Handling Relative URLs for Redirects / Forwards

    Remediating unvalidated forwards and redirects is almost always achieved by using an allow list of absolute URLs. But what do you do if the absolute URL is not known ahead of time? This post digs into validating URLs for redirects / forwards using a relative path.