Alik Levin's

Clarity, Technology, and Solving Problems |

Browse by Tags

Tagged Content List
  • Blog Post: Avoid Manipulating Passwords In Memory - It Is Easy To Reveal

    Revealing clear text passwords in memory seems to be a trivial task. This post describes how to reveal clear text passwords and what countermeasures to apply. Summary of steps: Install WinDbg Attach to process or open dump file Load SOS .Net extensions for WinDbg Enumerate threads ...
  • Blog Post: IIS 7 Configuration File - applicationHost.config - Password Management

    From my learning of IIS7 I understand that IIS7's metabase is actually XML configuration file very familiar to me and similar to ASP.NET's web.config. It is called applicationHost.config and sits in C:\Windows\System32\inetsrv\config My first interest was to see how it manages passwords when specifying...
  • Blog Post: Code Inspection - First Look For What To Look For

    Reposted from Security Code Inspection - First Look For What To Look For for further reuse on this blog. I found it extremely productive to first look for strings in the code. But what strings to look for? And how to look for the strings? Looking into the source files? My good friend FindStr is of great...
  • Blog Post: SecureString Class Two Real Usages And Counting!

    SecureString Class "Represents text that should be kept confidential. The text is encrypted for privacy when being used, and deleted from computer memory when no longer needed. This class cannot be inherited. " I first was very excited about SecureString introduced in .Net FX 2.0 but as I tried to learn...
  • Blog Post: Google Code Search - Different Perspective

    Google launches a special treat just for developers ... I'd like to present it from some different perspective. Imagine you provide search criteria as follows: " Initial Catalog " - try it. What do you see? More like these here Doesn't it make you want to write more secure code ... :) ? Enjoy
Page 1 of 1 (5 items)