Request forgeries (CSRF, XSRF, SSRF)
In 2020, CheckPoint Research announced multiple vulnerabilities in the popular social media application named TikTok. One of the found vulnerabilities allowed an attacker to delete…
Posts, tutorials, and general information about Application Security.
Just like you have directories on your PC, laptop, and mobile phones, web servers also have directories. For example, if you were to purchase web…
We wrote a blog post introducing and explaining what Vault is, when it’s useful, and how to get started using it to manage your secrets.…
This is the story of how you print free money. It’s a story that involves an AWS account, a threat actor named GUI-Vil, and unauthorized…
What if you could take multiple senior developers and security experts, distill them into a tool, and then have the ability to run that tool…
AWS built its own Web Application Firewall and named the service AWS WAF, and we’re going to take a detailed look at how we can…
Vault is an open-source secrets management tool used to automate access to secrets, data, and systems. This blog post comes from our Explained in 180…
In practice, what is hashing used for? How is it being used in the real world? Let’s take a look at a few common hashing…
Password-based authentication has been proven time and time again to be a vulnerable form of authentication. One of the best defenses is using Multifactor Authentication,…
As you study for the CompTIA Security+ exam, it’s important that you understand the differences between plaintext, encrypted, and hashed passwords. It’s common to hear…