Showing posts from March, 2017

Security: HTTP headers that expose web application / server vulnerabilities

Today's blog post will cover how HTTP response headers can expose security holes in your web application and servers. The post will also contain steps on how to remove these headers and reduce the chances of getting attacked, using C# and MVC.

Problem

When an attacker performs an attack on a web server, the first thing he or she needs to do is identify the profile of the target. To profile a target web application / server, an attacker would have to perform the following steps:

1. Identify the address of the web application.
2. Identify the OS where the web application resides.
3. Identify the type of server (IIS, Apache, etc.) that hosts the web application.
4. Identify the frameworks (MVC, PHP, JSF) used by the application.

After an attacker gathers this information, the attacker would proceed on using penetration to

Validating balanced parenthesis, brackets and braces inside a mathematical equation.

Today, I will try to create a C# method that validates whether the brackets, parentheses and braces of a given mathematical equation are properly written, balanced and complete. The goal of this exercise is to utilize the stack data structure to write an algorithm with linear growth. Any suggestions on how to do this using logarithmic algorithms are welcome.

The method should return true for the following inputs:

(x + y) - ((z * y) + x)
{(1 / 2) + (y / z)} - ([g + z]) - (x + y)
[x + y] - (5 * x)

The method should return false for the following inputs:

(x + 3]
{(y + z)]
(x + y) + [g(5])]

Solution

Clone it from GitHub

Below is a class that validates whether the brackets, parentheses and curly braces of a formula are properly written and each has a counterpart.