-
Getting Started: Scanning badssl.com With DeepViolet TLS Workbench
DeepViolet TLS Workbench is a free, open-source Java tool that performs deep TLS/SSL analysis of any server. In this walkthrough we will download the CLI scanner from GitHub, point it at badssl.com, and break down what the results tell us about the server’s security posture. What Is badssl.com? badssl.com is a well-known test site maintained by [More…]
-
ZAP – Introducing DeepViolet
Article I wrote on the ZAP team’s integration of DeepViolet API.ZAP – Introducing DeepViolet [More…]
-
The JVMXRay Journey: From SecurityManager to Bytecode Injection
Every project has a story, not just the polished version you see on a README, but the real one. The wrong turns, the existential threats, the moments where you wonder if the whole thing is dead. JVMXRay has had all of those moments, and it’s still here. This is the story of how it got from there to [More…]
-
AI Is Writing Code Faster Than Security Can Follow — Runtime Visibility Is the Answer
There is a fundamental shift happening in software development right now, and it is not subtle. AI-assisted coding tools like, GitHub Copilot, Claude Code, Cursor, Windsurf, and others have changed the speed at which code gets written. Features that used to take a team a sprint now land in days. Entire modules materialize from a well-crafted prompt. Boilerplate that [More…]
-
Building A Java TLS/SSL Scanner With DeepViolet API
DeepViolet is a Java API that lets you programmatically scan and analyze TLS/SSL connections. Instead of relying on external tools like openssl or online scanners, you can embed certificate analysis, cipher enumeration, risk scoring, and more directly into your own Java applications. In this post we will clone the project, build it, write a small program that [More…]
