appsec Archives - Page 2 of 2 - Include Security Research Blog

Custom Static Analysis Rules Showdown: Brakeman vs. Semgrep

February 18, 2021January 20, 2021 — by Jason Kielpinski (Tech Reviewers: Justin Collins, Erik Cabetas, Clint Gibler)

In application assessments you have to do the most effective work you can in the time period defined by the client to maximize the assurance you’re providing. At IncludeSec we’ve done a couple innovative things to improve the overall effectiveness of the work we do, and we’re always on the hunt for more ways to … Read more

Introducing: SafeURL – A set of SSRF Protection Libraries

February 18, 2021August 19, 2016 — Code by IncludeSec team, with contributions by our Intern Mohammad Al Amin

At Include Security, we believe that a reactive approach to security can fall short when it’s not backed by proactive roots. We see new offensive tools for pen-testing and vulnerability analysis being created and released all the time. In regards to SSRF vulnerabilities, we saw an opportunity to release code for developers to assist in … Read more