Hooman Pegahmehr · appsupport.academy · Jan 22, 2025 · What SSRF is and how to protect your web app against this type of attack · SSRF occurs when an application allows users to supply a URL or other request parameters, which the server then uses to make HTTP or other network requests. An attacker manipulates these inputs to force the server to send requests to resources that t... · Play by Play: Nodejs App Development · owasp
jamarir · jamarir.hashnode.dev · Jan 18, 2025 · [OWASP MASTG] Android - UnCrackable L1 & L2 & L3 · Just another Smali patch / Root bypass / Frida Interceptor bypass / JDP Debugging / Secret disclosure / Ptrace Write-up. Android Crackmes are a list of intentionally vulnerable Android applications. APKs link. Github link. OWASP page. You may check ... · MobileCTF
Fidel Villanueva · cloud.fvillanuevape.com · Jan 8, 2025 · Security Headers in Amazon CloudFront · One of OWASP's projects is the OWASP Secure Headers Project, which describes the security headers our application should use in its responses to increase the security of our applications. These recommendations include the configurations in the... · AWS Cloud · AWS
Gemma Black · gemmablack.dev · Jan 5, 2025 · Understanding Sequelize's 'escape' function · So a disclaimer. As a software engineer, I'm not a security expert. I rely heavily on those who know better, especially OWASP. So all feedback is welcome to help fix any flaws in the article or improve it. Sequelize is a very robust database ORM for... · Sequelize
Neha Bawane · neha1302.hashnode.dev · Jan 3, 2025 · End to End Mega Project · Introduction: The project is a complete DevOps pipeline designed to automate and optimize the software development lifecycle, from code integration to deployment and monitoring. It incorporates cutting-edge tools and technologies to implement robust C... · 1 like · Security
Sahil Sikarwar for The Firewall · blogs.thefirewall.org · Dec 22, 2024 · Automating DAST with OWASP ZAP in GitHub Actions · Introduction: Imagine deploying your shiny new app only to find it riddled with vulnerabilities—like discovering your house has no doors after moving in. Enter OWASP ZAP, your friendly neighborhood security scanner, and GitHub Actions, the automation ... · automation
Sahil Sikarwar · sahilsikarwar.hashnode.dev · Dec 22, 2024 · Automating DAST with OWASP ZAP in GitHub Actions · Introduction: Imagine deploying your shiny new app only to find it riddled with vulnerabilities—like discovering your house has no doors after moving in. Enter OWASP ZAP, your friendly neighborhood security scanner, and GitHub Actions, the automation ... · 53 reads · DAST
Atulpriya Sharma for CodeRabbit Blog · coderabbit-blog.hashnode.dev · Dec 16, 2024 · How to Automate OWASP Security Reviews in Your Pull Requests? · The increasing reliance on web applications has made security a paramount concern for organizations worldwide. As they become more integrated, robust security is crucial. Recent reports indicate a rise in AI-driven attacks, with over 500,000 inciden... · owasp
James · silent-byte.hashnode.dev · Dec 12, 2024 · Certified AppSec Practitioner (CAP) Exam: A Comprehensive Overview · I just passed the Certified AppSec Practitioner (CAP) exam, and I'm excited to share my experience, the resources used to prepare, and important topics! Something I Wanna Say: I believe the most exciting way to prepare for this exam is to dive into e... · 76 reads · Secops Certification Reviews & Resources · appsec
RookieCoder · rookiecoder21.hashnode.dev · Dec 11, 2024 · 🔐 SSL Pinning in Flutter: Your App’s Private Bouncer · Imagine your app as an exclusive VIP party. Data flows in and out like guests at the door. But what if someone sneaks in wearing a fake ID? That’s where SSL Pinning comes in—it’s the bouncer that checks credentials, kicks out imposters, and ensures y... · 58 reads · SSL