Contributions

Article
Learn how Ecto encourages you to write secure code, what a function vulnerable to SQL injection looks like, and how Sobelow prevents this vulnerability.
Article
A short blog post showing two ways to write a function, and why one style is better than the other.
Article
Learn how to crack a bank app using Elixir. This is a writeup for the remote attendee instance; if you played this in person at ElixirConf, the setup was different.
Article
In 1996, Google co-founder Larry Page posted "Q: Setting User-Agent Field?" in comp.lang.java. 26 years later, you may still need to set the User-Agent in your project. Here are four examples from the Elixir HTTP clients Finch, HTTPoison, Req, and Tesla.
Article
Paraxial.io protects your Phoenix application from malicious bots. Similar products are reCaptcha and Cloudflare, neither of which is designed for Elixir.

Starting today, the Paraxial.io beta is open to new users, no invitation necessary. We have published a detailed guide that walks you through how to protect your Phoenix application with Paraxial, via a simple mix dependency.

https://hexdocs.pm/paraxial/getting_started.html
Article
Are you familiar with credential stuffing attacks? Maybe you have heard about the dangers of password reuse, and even implemented defenses in your own Elixir/Phoenix apps. Have you ever tested the defense?

In this post, learn how credential stuffing works by writing your own testing program in Elixir. If your Phoenix application stores sensitive data, this is an excellent project to see if your current controls are working.

https://paraxial.io/blog/credential-stuffing
Service
Are you currently dealing with bots disrupting your Elixir app?

The Paraxial.io beta is currently accepting new members. Email [email protected] and someone will reply to you with more information. Thank you!
Tutorial
This blog post details:

1. How to retrieve lists of data center IP prefixes when a Phoenix application starts.
2. Using a radix tree to store IP prefixes for fast lookup.
3. Why Erlang’s persistent_term module is the best choice for this problem.
Service
Paraxial.io is bot detection and prevention for Elixir and Phoenix applications. If you are currently dealing with scrapers, credit card fraud, or credential stuffing, Paraxial.io is the best way to stop attackers and keep your users safe. Mention libhunt in your email to [email protected] for a 10% discount for the first three months!
Tutorial
A tutorial on how credential stuffing attacks can occur against a Phoenix application, and some strategies to mitigate them using PlugAttack. The post walks through:

- Setting up a victim application, named orru
- Using a basic script to perform automated logins, envy
- The throttle and fail2ban rules in PlugAttack, some potential pitfalls you may run into when setting them up, and how to avoid them