Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
My likes and dislikes of the computer world.
Download Windows 8 Release Preview from MSDN Subscriptions
MSDN Home: (Visual Studio RC Banner)https://msdn.microsoft.com/subscriptions/ MSDN Subscriber...
Date: 05/31/2012
Download Windows 8 from MSDN Subscriptions
MSDN Subscriptions just released windows 8 files on msdn subscriptions, you can get it with your...
Date: 09/13/2011
Localized String Lengths and UI Design
Creating a UI design with right button widths and field lengths are quite challenging when you...
Date: 07/27/2011
I am back with Subscriptions!!!
Its been almost a year since my last blog post, I have been extremely busy with stuff around moving...
Date: 07/25/2011
Anti-XSS Library v4.0 is released
Barrage of changes were made for this release including CSS and LDAP encodings. You can get more...
Date: 09/30/2010
How to View a Report in WACA?
Web Application Configuration Analyzer v1.0 is the latest tool released by our team that scans a...
Date: 09/24/2010
How to Scan a Server using WACA?
Web Application Configuration Analyzer v1.0 is the latest tool released by our team that scans a...
Date: 09/23/2010
Web Application Configuration Analyzer v1.0 RTW is live!
I am excited to announce the release of Web Application Configuration Analyzer v1.0 tool. The...
Date: 09/20/2010
Increase cheap netbook performance using Windows Embedded Standard 7
With recent release of Windows Embedded Standard 7 you can get all the goodness of Windows 7 with...
Date: 09/17/2010
Custom build activity for TFS 2010 to send email with build details – Part 2
My previous blog post talked about how to develop a custom workflow activity to use it in the build...
Date: 09/15/2010
Custom build activity for TFS 2010 to send email with build details – Part 1
Team Foundation Server 2010 build service can now be customized using .NET v4.0 workflow activities....
Date: 09/02/2010
How to get files associated with a changeset?
This information is very useful when deploying or installing a new build generated by TFS Build...
Date: 08/24/2010
JavaScript static analysis using Gatekeeper
Microsoft Research has been doing awesome work with regards to statically analyzing JavaScript...
Date: 07/27/2010
How to determine a given file as executable file?
Is your application accepting files and writing them to the disk? How do you determine if the file...
Date: 07/27/2010
Phidgets – More cool and fun weekend projects
Here are some of my favorite cool phidgets based projects....
Date: 06/13/2010
Controlling Phidgets using WCF Services
After the initial development of Mopbot using phidgets I was having lot of reliability issues....
Date: 06/13/2010
Automating Input validation
Input validation has always been trickier to implement in data driven applications. Specially web...
Date: 06/04/2010
CAT.NET v2.0 Channel 9 video
We recently did a screen cast on Channel 9 about upcoming release of CAT.NET. This video includes...
Date: 04/23/2010
Threat Analysis and Modeling R.I.P
Threat Analysis and Modeling Tool (TAM) tool is being retired inside Microsoft. It has been replaced...
Date: 04/23/2010
Anti-XSS vNext – Web Protection Library
Want to know more when you can get your hands on the next version of Anti-XSS library, check out...
Date: 11/05/2009
How to Detect and avoid memory Leaks in .NET applications?
Here is an excellent MSDN article on how to detect and avoid memory leaks in .NET applications....
Date: 11/05/2009
Anti-XSS Library v3.1 is now Live!
You can now download the new version of Anti-XSS library v3.1 from Microsoft.com Download Center....
Date: 09/23/2009
HTML Sanitization using Anti-XSS Library
Now you can filter (sanitize) HTML using Anti-XSS library v3.1 features. More information can be...
Date: 09/23/2009
Cascading Style Sheet Strings Encoding
I recently blogged about encoding cascading style sheet strings. A new feature is being added to the...
Date: 08/26/2009
LDAP Injection and Mitigation
Yesterday I posted a blog entry on our team blog about LDAP Injection and how to mitigate it using...
Date: 08/11/2009
Understanding SDL-LOB Blog Series
My colleague Anmol has done it again, he has posted more blog entries on specific phases of Security...
Date: 07/30/2009
Security Guidance and Threat Modeling
I just posted a blog entry on the main drivers behind CTL in TAM v3.0. You can check it out at IST...
Date: 07/30/2009
OWASP Seattle Chapter Talk on Anti-XSS
Two weeks from now on August 11th in Bellevue I am going to talk about Anti-XSS Library. Talk is not...
Date: 07/28/2009
TAM v3.0 beta is live!
A new version of threat analysis and modeling tool has been released. This version has significant...
Date: 07/21/2009
TAM v3.0 New Features!
Just posted a blog entry on the new threat analysis and modeling release features on our security...
Date: 07/20/2009
Connection String Injection Attack
Today I was looking at some new classes in .NET 2.0 and stumbled across DbConnectionStringBuilder...
Date: 07/20/2009
Web Protection Library – new Project
Another post on the new security tools blog about WPL....
Date: 07/09/2009
Threat Analysis and Modeling 3.0 Video
Here is a video that I did couple of weeks back about TAM 3.0 release. It gives some details on the...
Date: 07/07/2009
Multiple Modal POPUPS and Z-Index
AJAX modal popup extender gives developers ability to show javascript based modal windows. This...
Date: 06/22/2009
Windows 7 Media Center Themes
I have been using Windows Media Center for a while now, so naturally I was waiting for the Windows 7...
Date: 06/11/2009
Introducing SDL-LOB
If you are writing .NET applications chances are that it could be the next big LOB application in...
Date: 06/05/2009
AJAX approach to localizing Date Time
I am pretty confident most of you people out there have developed web applications for global use...
Date: 05/29/2009
System.Security.SecureString Part II
Second part of the SecreString blog post. Check it out at...
Date: 12/17/2008
How the Anti-XSS 3.0 SRE Works
Published a new blog on how SRE works internally. Kind of a starter course on Anti-XSS SRE code....
Date: 12/16/2008
Anti-XSS Webcast
On January 9th there will be a webcast on technet about Anti-XSS v3.0. This will showcase some of...
Date: 12/09/2008
Security Deployment Review Tool Webcast
Deployment Reviews is a process to check a host for security settings, mostly those affect the...
Date: 12/04/2008
Oslo M Language
The M language is awesome, I have been experimenting with it for quite some time now. it allows you...
Date: 11/10/2008
SECURITY Q&A #1
From a security perspective what's wrong with this code? 1: <html> 2: <head> 3:...
Date: 11/06/2008
Developer Security IQ
There is a very good article on MSDN magazine about security bugs. A good Q&A to determine your...
Date: 11/06/2008
OWASP MN Mini Conference
This Tuesday I was spoke at the OWASP MN mini conference at the University of Minnesota's St. Paul...
Date: 10/24/2008
Security Runtime Engine
We have been working on this project for some time now. It is a http module to protect web...
Date: 10/24/2008
System.Security.SecureString in .NET
Varun in our team has posted part I of series about SecureString in .NET. Awesome blog entry talks...
Date: 10/08/2008
XmlDocument vs XElement Performance
I have been using XElement class a lot lately, I was doing some performance tests on this to figure...
Date: 10/08/2008
AntiXss Encoding and ASP.NET Data Binding
It's been a while since I posted my last blog entry. This time it is on few ASP.NET data binding...
Date: 10/01/2008