Chetan Mittal · blog.railsforgedev.com · Dec 13, 2024
Rails 8.0 Credentials: The Ultimate Guide to Secure Configuration Management
In the ever-evolving landscape of web development, Ruby on Rails continues to prioritize security and developer experience. The removal of config.read_encrypted_secrets in Rails 8.0 marks a significant shift in how applications handle sensitive con...
180 reads · Rails 8.0

b1d0ws · b1d0ws.hashnode.dev · Nov 19, 2024
AppSec Project - Chapter 4, SAST Tools and Containerization
Introduction Hello! Today, we’ll explore testing various SAST tools to evaluate their effectiveness in helping us secure our application. Additionally, we’ll containerize our app and make final adjustments to bring the project to completion. Our bran...
120 reads · pentesting

Ohekpeje Joel Odey · joelodey.hashnode.dev · Nov 17, 2024
Lab: Broken brute-force protection, multiple credentials per request
Lab Scenario: Our objective is to understand and exploit a web application's broken brute-force protection, where the login credentials are submitted in JSON format. By manipulating the request to submit multiple credentials, we aim to bypass the pro...
1 like · PortSwigger Authentication Labs · websecurity

b1d0ws · b1d0ws.hashnode.dev · Oct 29, 2024
AppSec Project - Chapter 2, Manually fixing more vulnerabilities
Introduction Hello, and welcome to chapter 2 of our AppSec project! If you're not up to speed with what's going on, be sure to start with chapter 1. Today, we'll continue our journey of manually fixing vulnerabilities. Without further delay, let's st...
160 reads · Posts · Security

Romman Sabbir · rommansabbir.com · Oct 27, 2024
Android Security Approaches: Encryption and Secure Practices
In this article, we explore essential security techniques and encryption methods to protect Android applications. Covering a broad spectrum of security approaches, we highlight the use of data encryption (AES, RSA, and Android KeyStore), secure user ...
92 reads · Android : Security, Encryption and Secure Practices · approaches

Shivanshi Singh · shivanshi770.hashnode.dev · Oct 25, 2024
Top Security Testing Tools for Ensuring Application Safety
In today's digital age, ensuring application security is more crucial than ever. As cyber threats continue to evolve, businesses must be proactive in safeguarding their applications. Security testing tools play a vital role in identifying vulnerabili...
Software Testing

Okoye Ndidiamaka · amikdigital.hashnode.dev · Oct 14, 2024
Secure Coding Practices to Protect Your Code in the Digital Era
In a world where cyber threats are continuously evolving, secure coding practices have become very significant. Writing secure code is something that every developer-from small project freelancers to enterprise-scale application developers-needs to f...
Web Development

Abhiram · cloudbuddy.hashnode.dev · Oct 11, 2024
The Human Element of Cybersecurity: A Deep Dive
In today's complex digital landscape, cybersecurity is a multifaceted challenge that requires a holistic approach. While technology plays a vital role in protecting organizations from threats, the human element is equally critical. In a recent episod...
cloud security awareness

Harshal Shah · delvingwithharshal.hashnode.dev · Sep 25, 2024
Open Redirection Attacks: Comprehensive Analysis with Practical Cases
In the world of web application security, Open Redirection Attacks often go unnoticed but pose significant threats if left unchecked. These attacks can be exploited by malicious actors to redirect unsuspecting users to untrusted or malicious websites...
Fortify and Defend: Navigating the Cybersecurity Landscape · open redirection

Ohekpeje Joel Odey · joelodey.hashnode.dev · Aug 24, 2024
Lab: HTTP request smuggling, basic TE.CL vulnerability
Lab Scenario: Our mission is to explore and exploit a simulated web application's vulnerability to HTTP request smuggling. We'll use the TE.CL technique to manipulate the transfer encoding and content length, revealing potential security weaknesses. ...
10 likes · 26 reads · PortSwigger HTTP request smuggling Labs · portswigger