0xryzn1ghtm4r3.hashnode.dev·Nov 26, 2024Bug Bounty Cartel Stories - November EditionIntroduction Time flies—it’s already been a month since the last edition! Welcome to the November edition of The Bug Bounty Cartel Stories. This month has been particularly rewarding for me as a bug hunter. In fact, it’s shaping up to be my best mont...Discuss·74 readsThe Bug Bounty Cartel Stories#cybersecurity
Roja Gnanaveltrustedhtmlapi.hashnode.dev·Nov 19, 2024TrustedHTML - Why Can't I Create Web Components from the Console?I came across the TrustedHTML API while working with Web Components in the Lit framework. Being a lazy developer, I prefer testing things directly in the browser console instead of creating separate files. During one of these experiments, I ran into ...DiscussTrustedHTML
Yarelys Riveracyberyara.com·Nov 4, 2024How Secure Web Traffic Happens: Step-by-Step GuideWe've all experienced that sense of relief when we see the lock icon or “your connection is secure”. But have you ever wondered what's happening behind the scenes to make that possible? Secure web traffic is essential for protecting sensitive data tr...DiscussSecure Web Traffic
Allan WANJIKUblog.allanwanjiku.tech·Oct 31, 2024Cookies Explained: Why Websites Remember YouCookies are a crucial part of the HTTP protocol. They allow the server to send data to the client, which the client stores and resubmits to the server. While they enable swift browsing, they are also vulnerable to abuse by hackers. Main uses of cooki...Discusswebsite tracking
Pamela Salonpamsalon.hashnode.dev·Oct 29, 2024How Web Security Fosters Trust with UsersAs more organizations and individuals migrate their activities to online platforms, cyber threats continue to evolve in complexity. According to Expert Insights, websites experience an average of 94 cyberattacks and are visited by 2,608 bots weekly. ...Discusssecure websites
Manish ShivanandhanforfreeCodeCampfreecodecamp.org·Oct 25, 2024Google Dorking: How to Find Hidden Information on the WebLet’s learn how to find hidden information online by using advanced search operators on Google. The internet holds vast amounts of information. Much of this information is accessible through Google. But did you know you can use Google in ways beyond ...DiscussWeb Security
Abishek Kafledevops.abisec.xyz·Oct 19, 2024Mapping LLM API attack surfaceIntroduction Organizations are quickly integrating Large Language Models (LLMs) to enhance their online customer experience. However, this exposes them to web LLM attacks, which exploit the model's access to data, APIs, or user information that an at...DiscussInfosecllm
Abishek Kafledevops.abisec.xyz·Oct 17, 2024SSTI CTF Challenge 1Lab Setup Create a folder for the challenge. mkdir ssti_ctf1_challenge cd ssti_ctf1_challenge Set up the environment python3 -m venv venv source venv/bin/activate pip install Flask Create app.py from flask import Flask, request, render_te...DiscussCode ReviewServer side rendering
Krzysztof Kałamarskikkalamarski.me·Oct 17, 2024Automate Your Web Security: Mastering Authenticated ZAP Scans with the ZAP Automation FrameworkAs developers, we strive to deliver secure systems to our clients. However, with large applications and hundreds of potential vulnerabilities and attacks, performing manual security testing for each new release can be a daunting task. Fortunately, th...Discusszap
Okoye Ndidiamakaamikdigital.hashnode.dev·Oct 13, 2024Cross-Site Scripting and CSRF: Secure Your Web Application against Common AttacksThe internet revolutionized our life, communication, and business, but this transformation is accompanied by security threats that grow. Among the most prevalent types of attacks that a web developer or any organization wants to safeguard against inc...DiscussXSSprevention