© 2023 Hashnode
#application-security
What is web stack monitoring? When most people hear the word "monitoring", they know this to be when you are being watched or you are watching over something. But in software engineering, web stack mo…
Path traversal is a type of security vulnerability that can occur when a web application or service allows an attacker to access server files or directories that are outside the intended directory str…
In this article, we’ll look at three popular frameworks — Express.js, NestJS, and Fastify — and evaluate them according to how well they align with the Node.js security best practices. JavaScript is the world’s most popular programming lang…
Vue is a popular JavaScript framework for building versatile web interfaces. Some of its most compelling features are its easy integration into existing code-bases and lightweight framework, making it easy for developers to start using in t…
TLDR This article walks us through a current Snyk Security Labs research project focusing on cloud based development environments (CDEs) — which resulted in a full workspace takeover on the Gitpod platform and extended to the user’s SCM acc…
Node.js presents a single-threaded event loop to your application, which allows CPU-bound operations to block the main thread and create delays. The worker_threads module addresses this problem by providing a mechanism for running code in p…
Were you tasked with building a product that requires the execution of dynamic JavaScript originating from end users? You might think building it on top of the Node.js VM module is a viable way to create a JavaScript sandbox. In this article, w…
The resources for learning the four fundamental skills were introduced in Part 1. In this part, we'll focus on the following topics: OWASP Top 10; OWASP Testing guide; Web applications to perform tes…
Ever wondered what it means when you read the headlines or hear - "Hackers attacked XYZ systems! Possibility of a data breach!" Of course, this doesn't mean attacking using arrows or weapons but how d…
I recently finished writing my debugging book and a debugging course. And as a result, I frequently get asked about my favorite debugging features. Debugging is much more than the IDE debugger. In fact, only the first chapter in the book de…