André Baptista’s Post

Very happy to release on GitHub our free and open source "Simple Log Analyzer". You can feed it logs from Cisco Meraki, Ubiquiti Inc. UniFi, WatchGuard Technologies, Palo Alto Networks It helps identify things like : - Top traffic sources and destinations - Most active applications and policies - Session end reasons and patterns - Traffic volume trends over time Useful for our customers at LogCentral that want to identify things to filter in their logs, but also useful for others! If you have ideas for improvements, open an issue with us on GitHub! https://lnkd.in/eSE4Gmwz

🌐 HTTP Protocol — A Beginner-Friendly Explanation Ever wondered how a webpage loads when you type a URL in your browser? Behind the scenes, the communication happens through HTTP (HyperText Transfer Protocol). Think of HTTP as the language your browser uses to talk to web servers. 🔄 How HTTP Works (Simple View) 1️⃣ Client sends a Request Your browser asks a server for something — a webpage, an image, or API data. 2️⃣ Server processes it 3️⃣ Server sends a Response This includes the requested content or an error (like 404). 🔑 Key Concepts Every Beginner Should Know ✔ HTTP is stateless Each request is independent; the server does not remember previous requests. ✔ Common HTTP Methods GET → Retrieve data POST → Send data PUT → Update data DELETE → Remove data ✔ Famous HTTP Status Codes 200 – OK → Success 404 – Not Found → Page missing 500 – Internal Server Error → Something failed on the server ✔ Request vs Response Structure Request: Method + URL + Headers + (optional) Body Response: Status Code + Headers + Body (HTML/JSON/etc.) 🚀 Why Learn HTTP? Because every web, mobile, and backend application uses it. Understanding HTTP helps developers debug faster, build cleaner APIs, and design better systems. #HTTP #beginnners #webdevelopment

The Async Iterator: When Regular Loops Block the Event Loop Timothy stared at his screen, puzzled. His async web server was working beautifully for most requests, but whenever someone requested the log file analysis endpoint, the entire server seemed to freeze for several seconds. "Margaret, I don't understand," he said, showing her the code. "I'm using async/await everywhere, but this one endpoint still blocks everything." Margaret walked over and looked at his screen. import asyncio from pathlib import Path async def analyze\_logs\(\): """Analyze a large log file""" log\_file = Path\("server.log"\) # 1GB file error\_count = 0 print\("Starting log analysis..."\) # Read and process the file with open\(log\_file, 'r'\) as f: for line in f: # Regular for loop if 'ERROR' in line: error\_count += 1 print\(f"Found \{error\_count\} errors"\) return error\_count async def handle\_request\(request\_id\): """Simulate concurrent requests""" print\(f"\[\{request\_id\}\] Request started"\) await asyn https://lnkd.in/gPDVzz58

Tip of the day: When using useSearchParams in react-router-dom and need to allow multiple values in querystring, do NOT pass the multiple query strings in a single value delimited by ',' or similar and use searchParams.get('fieldIds') and deal with split and joins. Instead please take advantage of the getAll function of searchParams which builds upon the web standards of arrayed query string values. ⛔ Wrong! const fieldIds = searchParams.get('fieldIds') ? searchParams.get('fieldIds').split(',') : [] ... (value) => { setSearchParams(params => { params.set('fieldIds', value.join(',') return params )} ✅ Right const fieldIds = searchParams.getAll('fieldId') ... (values) => { setSearchParams(params => { params.delete('fieldId') values.map(fieldId => params.append('fieldId', fieldId); }) } Advantages: ✅ No overengineering of string manipulation ✅ Easier to maintain, easier to debug ✅ Taking advantage of web standards

Continuing my experimentation with OPRFs — this time the focus is on constant-time cryptography. Quick recap: Oblivious pseudorandom function (OPRF) lets a server compute on your data without seeing it. I’ve built go-oprf, a Go implementation using the Ristretto255 group and following RFC 9497, to explore constant-time cryptography — ensuring operations take the same time regardless of input to reduce timing side-channel risk. What’s interesting:  - Constant-time processing: pads inputs to a fixed size so processing time doesn’t leak information. - Benchmarks: times vary significantly with input length for the standard implementation, while the constant-time version stays flat with only ~1–3% fluctuation. If you’re interested in practical side-channel hardening, I’d love your feedback. Link to the code and results:  https://lnkd.in/diVtw_MK

Our senior security analyst Gianluca Baldi has published a follow-up to his popular Groovy Template Engine Exploitation writeup: https://lnkd.in/dCTvFj84 Check out some new practical exploitation tricks that he figured out while working on a real-world scenario. #WebApplication #PenetrationTesting #Groovy #TemplateInjection

MCP x Cursor PoC: Rogue MCP Servers, IDE Browsers, and Real Defenses Originally published at allenarch.dev A proof‑of‑concept published this week shows how a malicious Model Context Protocol (MCP) server can inject JavaScript into the built‑in browser of an AI IDE (e.g., Cursor/Windsurf/VsCode/ClaudeCode) and then leverage the editor's privileges for system actions. This post avoids rehash and focuses on what practitioners need: a clear threat model, a safe lab plan to reproduce (without destructive payloads), generic detections you can wire into your telemetry today, and a security baseline for MCP deployments. Key context: PoC impact (news + demo): Rogue MCP servers can replace login pages inside Cursor's in‑IDE browser and harvest credentials; the same capability can lead to workstation compromise (CSO Online, Nov 13, 2025; Knostic deep‑dive, Nov 5, 2025). Standard & ecosystem: MCP is an open protocol that connects LLM apps to tools/data; clients/servers exist across vendors (Anthropic/GitHub/OSS). Misconfigurations and weak session handling have alr https://lnkd.in/g_Z6Gb7E

With my personal experience I can tell you that Base44, being a URL-safe encoding system, is great for building applications that require compact and secure encoding schemes. It’s used for encoding binary data into a string format that can safely be included in URLs without issues. When building with Base44, developers typically appreciate its simplicity and versatility in handling things like session IDs, API keys, or data transmission, while avoiding the pitfalls of other encoding schemes like Base64, which may have unsafe characters for URL usage. Base44

We’ve just released Jupyter MCP Server 0.19.0 🎉 This update introduces a new “prompt” feature — try typing /jupyter-cite to cite specific cells in your notebook. It lets LLMs work more precisely with those cited cells for targeted operations. 📘 Learn more about prompts: https://lnkd.in/ekw_yfJK 🔗 Full release notes: https://lnkd.in/e62VxfNN

Using a Custom Regex Rule to Find Valid API Keys In this article, the author describes how they used custom regex rules to find valid Brave Search API keys hidden in a repository. The vulnerability involves exposing sensitive API keys through source code, which can lead to unauthorized access and financial costs for paid plans (such as exhausting the API's query quota). The exploitation process includes creating a custom Gitleaks rule file and running it against the repository, resulting in the discovery of a valid Brave Search API key. To verify the API key's validity, the author used a curl command to make requests against the Brave Search API backend infrastructure, confirming that the key was actively authenticated. The mitigation involves securely storing and managing sensitive API keys to prevent exposure in source code. https://lnkd.in/eG69YYrZ