My trainings

Public trainings

Come to my public trainings, everybody's welcome:

Trainings in Prague are held regularly in the middle of March, June, September, and December, in other cities irregularly.

In-house trainings

Any public training can also be turned into an in-house training. As an extra, I offer these in-house-only courses:

I also offer consulting for your business, contact me!

My articles

Upgrading existing password hashes (5. 9. 2017, Blog)

Still using MD5 or SHA-1 to store user passwords and want to gracefully migrate to e.g. bcrypt? Want to do it properly to protect all passwords in the database? Here's how.

(read more…)

Chrome, `ERR_SPDY_PROTOCOL_ERROR`, and an invalid HTTP header (28. 8. 2017, Blog)

When migrating your site to a more performant HTTP/2 protocol, it may happen that Chrome will not load a page and will display This site can’t be reached with ERR_SPDY_PROTOCOL_ERROR instead. HTTP/2 is derived from the earlier SPDY protocol, that's probably why the error message doesn't mention HTTP/2 at all.

(read more…)

Post a boarding pass on Facebook, get your account stolen (16. 8. 2017, Blog)

Holiday time is in full swing. When you want to brag about your final destination, be careful of what you post on Facebook and Instagram. Leave your boarding passes (and other barcodes) for yourself (and get a shredder).

(read more…)

All articles

My talks


Upcoming talks

Crackování hesel (nejen) z úniku
7. 10. 2017, LinuxDays 2017 (20 minutes)

I'll happily do a talk at your event or conference, let me know!


Správci hesel do hloubky
18. 9. 2017, HackerFest (30 minutes)

Z fotky na Facebooku až k unesenému účtu
21. 6. 2017, Internet a Technologie 17 (25 minutes) 📃

Jak získat A+ v SSL Labs Server Testu
21. 6. 2017, Internet a Technologie 17 (25 minutes) 📃

Threat Modelling and Attack Surface
31. 5. 2017, Friends of PHP meetup in Prague (English Friendly version) (45 minutes)

BeEF demo and what's new in CSP 3
30. 5. 2017, OWASP Czech Chapter Meeting (60 minutes)

All talks

Me answering questions

Blokování webů a stránek
4. 6. 2016, Český rozhlas Online Plus

Na 11. srazu Na volné noze
4. 6. 2016, 11. sraz Na volné noze

Webový vývojář musí mít hackerské myšlení
30. 5. 2016, Kyberbezpeč

Hlavní je používat hlavu, ale ne na hesla
3. 5. 2016, Host Radiožurnálu

Jak zvýšit zabezpečení vašeho webu?
17. 2. 2016, Mladý

All interviews