Vladimir, Author at Sqreen Blog

46 views
7 minute read
2 comments

Behind the Scenes: Building a Dynamic Instrumentation Agent for Node.js

Vladimir
March 9, 2017

TL;DR Building a dynamic instrumentation agent for Node.js is a complex challenge. At Sqreen, we provide a powerful security tool for development teams using Node.js. You will be able to…

View Post

How to avoid NoSQL injections in MongoDB in a Node.js app

62 views
3 minute read
2 comments

How to prevent NoSQL injections in MongoDB in a Node.js app

Vladimir
January 12, 2017

Continued MongoDB breaches have cruelly reminded MongoDB users that security should be a major concern. But configuration is not the only weak spot in MongoDB’s armor. Here is the second…

View Post

NoSQL injections in Node.js with MongoDB

99 views
4 minute read
8 comments

MongoDB will not prevent NoSQL injections in your Node.js app

Vladimir
December 15, 2016

Last updated: December, 2020 The follow-up on how to prevent NoSQL injections in MongoDB in a Node.js app can be found here. TL;DR – Mongo and Node.js are not safe…

View Post

29 views
3 minute read
No comments

Identify Tor connections in Node.js with Tor-test

Vladimir
November 15, 2016

We released a new feature to our web-application protection tool: Sqreen now monitors the user traffic originated from Tor. All security events linked to such connections is highlighted, and particular…

View Post

93 views
5 minute read
9 comments

One easy way to inject malicious code in any Node.js application

Vladimir
August 22, 2016

tl;dr This article describes a method of injecting arbitrary code in Node.js modules. It does not encourage unethical behavior. The chain used to include instances of modules can be tampered to…

View Post