Articles by tag: web-security
OWASP Top 10 Explained: What It Is & Why It Matters
Learn what is the OWASP Top 10 and why does it matter for secure coding. A developer's guide to web app vulnerabilities, risks, and practical defense strategies.
Malicious Chrome Extension Disguised as YouTube Panel
Breakdown of a Malicious Extension from Chrome Web Store: Remote UI Management, Data Collection, and Hidden Monetization. Learn How to Spot Fake Add-ons.
DBSC in Chrome 146: TPM session protection
Learn how Device Bound Session Credentials binds cookies to TPM, making stolen tokens useless. Technical details, backend implementation, and comparison with App-Bound Encryption. For developers.
Argus toolkit for network reconnaissance
Study Argus: Python tool for DNS, SSL, web scanning and security checks. Installation, modules, examples for pentest. Automate recon — read the guide.
Web Application Vulnerabilities: XSS SQLi enumeration
Breakdown of top-3 vulnerabilities in web: user enumeration, XSS, SQL injections. Fix methods for developers: prepared statements, encoding. In-depth pentest guide.
Secure file upload in Go: 7 attacks
Analysis of 7 attacks on file upload in Go: type spoofing, DoS, path traversal, SSRF. Crypto-identification ECDSA, magic bytes, MaxBytesReader. For middle/senior dev.