août 18

My CVs were a bit outdated. You can find the more recent versions on About Me

Tags:
août 15

On tuesday 2007-08-07, I have launched the "Thales Belgium User Group". Around 10 attendees were at the rendez-vous. Not so bad for a first session, hoping to see this number increasing in a near future. This session was dealing with Hacking & Securing an ASP.NET WebSite : POST Attacks.

Unfortunately the conditions were terrible. 40 minutes late to try using a low quality video projector and an deafening ambiant noise due to unplanned works in the building. Was the first one, so it couldn't be perfect, and in the end, I think it was not that bad ;-)

You will find below the agenda we have followed:

  • Introduction
  • HTML Attacks
    • What is an HTML attack ?
    • Which security evolutions between the different .NET framework versions ?
    • Are we completely safe now ?
  • POST Attacks
    • What is a post attack ?
    • How can we do a post attack ?
    • POST attacks demo
      • Using a web simulator
      • Using the firefox DOM inspector
      • By simply copying the page
    • Which security evolutions has arrived in .NET 2.0 ?
      • How does it work ?
      • Explanation of the encryption mechanism in the .NET framework to secure ASP.NET typical hidden fields
    • Protecting a web site
      • Using a "secured button"
      • Using a "secured text box"
      • Demo using DropDownlists
    • TagMapping demo to propagate the modification to the whole web site
  • Conclusion and advice

Downloads:

You can find below the material we provided at the end of the session: Note that the solution has been written using Visual Studio 2008 and that the WebSimulator DLL used for the demo has not been provided. However, this example would be similar using another web simulator product, like WatIn for example.

août 13

Hello All,

 It's quite a long time now that I want to be more active in the .NET community. I have started to take an important part in training and knowledge transfer inside of my company but this was not enough as I wanted to be more visible.

I have met Loïc Bar a few weeks ago (http://www.loicbar.com/) and we have started to exchange more about what we were knowing or wanted to know. I think it was just the good time for me to take a turn. I have almost 6 years of experience in .NET - I have started from the very beginning - and now sharing my work time between being a .NET senior developper and being an architect. I am also doing some job interviews when we are searching for new .NET guys in my company, meeting interesting guys. Or less interesting ones by the way, some people for which I have the feeling that they have spent the last 2 or 3 years immobile and slugging, not learning a lot of things.

In my developper life (beginning of life) I have been lucky enough to be always on the major projects, the most interesting ones. Now I'm working for a belgian administration, on a big eXtreme Programming project that make me learn more than ever. 

All this have decided me to share more and more and decided me to start blogging a bit, and writing public articles to share not only with my direct colleagues, but with the community in its whole. I will try to speak and share in this blog about the .NET framework of course, Winforms or ASP.NET, trying to go deep on some subjects and sharing the experience we got in XP and TDD.

I'm waiting impatiently to your comments to guide my work and posts.

See you soon via the feeds !

Tags: