How a pentester struggled with bug bounties until this new mindset helped him breakthrough
"It was a long, arduous, journey to finding my first bug." Then one day, Hakluke attended a talk by @shubs that changed his mindset about how to appro…
Tag: Web Security
What is Cross-Site Scripting (XSS)?
According to both OWASP and CWE, Cross-Site Scripting is one of the top 10 most dangerous web application security risks, and for good reason: OWASP’s…
4 steps to getting started securing applications
A lot of times, especially when you join smaller organizations, there are no (or very few) formal processes in place. The approach taken to secure…
What are SQL Injections (SQLi)? Introduction to powerful techniques
We’ve talked about what SQL is, but now, let’s talk about one of the most common and dangerous web-based attacks: SQL injections (aka SQLi). In…
What is Information Leakage, and how do you prevent it?
One of the most commonly found flaws in web applications and mobile applications is information leakage. But what is information leakage, why is it a…
Simple Guide to Checking for WordPress Vulnerabilities
It should come as no surprise that WordPress has a massive target on its back given how popular a platform it has become. To add…