hacking, bug bounty, appsec

Create design documents with Fabric


How I use Fabric patterns to create, review and refine design documents.
Read more ⟶

Threat Modelling with Fabric Framework


The Fabric framework enhances AI-powered threat modeling with a new pattern, offering detailed, actionable security insights.
Read more ⟶

Leveraging LLMs for Threat Modeling - Claude 3 Opus vs GPT-4


With new version of Claude model, I would like to compare it to GPT-4 in threat modeling.
Read more ⟶

Reviewing Your Architecture Using LLMs


The quality of input data is crucial for LLMs to perform effectively. Learn how you can use these LLMs to improve your architectural descriptions. Explore the new feature in my ai-threat-modeling-action GitHub action.
Read more ⟶

Leveraging LLMs for Threat Modeling - GPT-3.5 vs Claude 2 vs GPT-4


We put the leading AI models to the test in threat modeling. Let's dive into the results and see which one comes out on top.
Read more ⟶

Leveraging LLMs for Threat Modeling - GPT-3.5


In this article, I delve into the AI Nutrition-Pro experiment, a research project exploring the potential of LLMs in enhancing security practices during the design phase of DevSecOps: threat modeling and security review.
Read more ⟶

Mitigating SSRF vulnerabilities in Go. A practical guide. Part 2


In this final part of mitigation guide we will explore doyensec/safeurl library for Go.
Read more ⟶

Security Coding in Go. Input validation


Input validation is one of most important technique in secure coding. Deep dive into it for Go language.
Read more ⟶

Mitigating SSRF vulnerabilities in Go. A practical guide. Part 1


Server-Side Request Forgery (SSRF) vulnerabilities have been around for a long time, and they still pose a significant threat to web applications, so much so this kind of vulnerability has been included in OWASP TOP 10. This time I will explain how to mitigate SSRF vulnerability in Go applications.
Read more ⟶

Threat Modeling 101


What is Threat Modeling? First of all, it’s just thinking about threats. We all do it, every day 😃 How someone could break into my house? But wait a second. How do you know that you need to protect your house in the first place? Maybe you don’t have a house, or maybe you don’t have money right now to buy deterrents. Or maybe your family thinks you are a bit paranoid? 😕
Read more ⟶