Sunday, 10 February 2013

Saturday, 9 February 2013

Running linux on the browser using jslinux

This is simply amazing, at http://bellard.org/jslinux/ you can run Linux on a browser:

Webinar: Why Software is Still Insecure

Ed and Charles (from SI) are doing a webinar on Feb 20th about why (in most cases) the software industry have not (yet) figured out how to integrate security into the software development lifecycle (in a repeatable, measurable and visible way).

I couldn't agree more and I’m looking forward to hearing what they have to say :)

You can read more about it and register here

What does the .html() FluentSharp Extension Method does

Well it gets the HTML code of a particular URL :)

And it does the same thing as the FluentSharp BCL's  .GET() extension method.

Friday, 8 February 2013

Thursday, 7 February 2013

Wednesday, 6 February 2013

Me and Jim Manico

I really like Jim. He is passionate, loves OWASP and has great energy.

Although he is from the Hawaii, he has Italian Sicilian blood, which means that his first reaction tends to be a bit off piste. But he listens well, he has an amazing breadth/depth of technological skills and is (like me) trying to change/fix the world.

These days, since I'm not in any position of power at OWASP (I left the Board two years ago), I am in a very privileged position where I can speak freely about my ideas (see You will not have your best ideas when you are in a position of Power). And as you can see by the 46 posts (so far) on this blog about OWASP I have been doing that a lot :)

Running Minecraft on Raspberry PI

Raspberry PI is amazing!!!!!!!!

Last week I got one of the PI kits + books, and am having a great time teaching my kids how to use it (and how to write games like the PacMan using scratch)

Of course that what my 7 year old really wanted was to play Minecraft on the PI, and although there is no 'official' release (even the 'unofficial version' was removed by the author), I was able to get it to work using the instructions at Raspberry Pi - Install Minecraft - leaked pre release

RazorEngine is a great way to parse and render ASP.NET Razor views

I've been trying the RazorEngine on TeamMentor to parse Razor CSHTML files, and I'm very happy with it so far.

Basically, RazorEngine is what Microsoft should had created in the first place: a simple way to parse and render CS-powered Html Razor views.See the examples at http://razorengine.codeplex.com . As comparison, take a look at What a 'salad of DLLs' are the ASP.NET MVC 4.0 template projects

RazorEngine was created by Matthew Abbott from FidelityDesign  who seems to be as crazy as I am. For example, see his A Tale of Epic Epicness… post :)

If only I could get Matthew to take a look at the OWASP O2 Platform and its C# REPL environment, I'm sure he would love it :)

Call For Training - OWASP 2013 LATAM Tour

Please see bellow's Kate's email about the amazing OWASP Tour that they are organizing at LATAM. As the guy who did the first OWASP Tour I'm very happy to see that this idea is finally taking shape.

Now if only we could do the same around Europe :)

Btw, If you are in the Latin America (or want to go there), this is a great opportunity to be involved

SRE and Package HtmlAgilityPack Sanitizer as a stand alone module (at OWASP .Net)

Here's an email I wrote to Jim Manico on the owasp-leaders list about the Microsoft's SRE (Secure Runtime Engine) which is part of the WPL Web Protection Library http://wpl.codeplex.com (where AntiXSS comes from) and the Sanitization/Encoding capabilities of the HtmlAgilityPack

tl;rd: There is a good opportunity for OWASP to be involved since there doesn't seem to be a clear solution out there (at the moment)

JetStrap - Great way to create BootStrap CSS

Just found JetStrap which is a web based WYSIWYG editor for Boostrap css

Here is a video that shows it in action:

Sunday, 3 February 2013

REPL GUI for Clojure-CLR (C# port of Lisp’s Clojure)

Here is a script/tool I wrote a while back (when I wanted to see what Lisp was all about), where I created a REPL Gui based on the amazing Clojure-clr project (which is CLR port of Clojure)

You can download this O2 Platform tool from: Util - Clojure-clr REPL (Lisp) v.2.0.exe

This is a 9Mb standalone exe (only requirement is the .NET Framework 4.0 running on a Windows box):

Saturday, 2 February 2013

Real-Time Write to WebBrowser showing WCF REST API page, using HttpContent.Response, from C# REPL Script

In this post I will show a powerful technique for ASP.NET Debugging/Programming, where the Web C# REPL that I recently added to TeamMentor is triggered from a WCF REST API, in such a way that the HttpContext can be programmed in real-time, with the added bonus that the HttpContext.Response OutputStream stays open (and can be written to multiple times).

It all starts with a new TeamMentor REST API method called ‘/admin/scripts/{name}’ :

Friday, 1 February 2013

Manipulating Asp.NET Session Variables (from the server)

Based on this code sample List all active ASP.NET Sessions from StackOverflow, I wrote the following script, which uses reflection to access and modify Session values, from current ASP.NET users:

Using CSharp Web REPL from TeamMentor Control Panel

I needed to do some live debugging on TeamMentor, so I just added a simpler version of the CSharp-REPL Web to it.

To access it, go to the TeamMentor's Control Panel, and click on the C# REPL link: