Tag feed

#access-control

138 posts6 followers

Explore Hashnode

Alternatives

Trending tags this week

AAAiyedogbon Abrahamfreecodecamp.orgJun 4 · 26 min read

How Attribute-Based Access Control Helps You Write Better Authorization Rules

Every application that handles user data eventually hits the same problem: not all users should see the same things. A junior nurse should not be able to access every patient record in the hospital. A

0

FAFavour Ajayefavourajaye.hashnode.devMay 13 · 27 min read

Anatomy of a Preventable Drain: What the Wasabi Protocol Exploit Teaches DeFi About Admin Key Security, Governance Architecture, and Operational Discipline

Introduction On April 30, 2026, Wasabi Protocol lost $5.9 million across Ethereum, Base, Berachain, and Blast in under three minutes. The attacker did not exploit a bug in the smart contract code. The

0

Kkristofprzybylakcyber-hunter.hashnode.devMay 12 · 3 min read

How a Voucher Validation Flaw Led to More Than €10,000 in Credit

The Discovery The platform offered newly registered users a welcome voucher that could be redeemed for credit. At first glance, the implementation appeared secure. Manually modifying the visible vouch

0

MBMouhamed Ben Abdallaherinmin-writeups.hashnode.devMay 12 · 8 min read

Unprotected Admin Functionality

Platform: PortSwigger Web Security Academy Category: Access Control / Vertical Privilege Escalation Difficulty: Apprentice Tool(s): Browser only Date: 12/05/2026 Overview This lab demonstrates a ver

0

Oosint78shemkar.hashnode.devApr 26 · 6 min read

One Extra JSON Key: How a Harmless Profile Endpoint Became an ATO Candidate

The harmless profile endpoint that taught me how real bugs work Early in my bug bounty journey, I found a bug that looked simple from the outside, but it changed the way I think about web security. At

0

BDBolaji Daniel - D4N0thisisd4n0.hashnode.devApr 13 · 6 min read

OWASP Top 10 for DeFi – Access Control Vulnerabilities (SC01:2026)

Introduction As part of my ongoing Web3 security journey, I’ve started studying the OWASP Top 10 for DeFi, beginning with one of the most critical categories: Access Control Vulnerabilities. Access co

0

BDBolaji Daniel - D4N0thisisd4n0.hashnode.devApr 13 · 6 min read

The Parity Multisig Exploit (2017) — A Catastrophic Access Control Failure

Introduction Among all access control vulnerabilities in smart contract history, the Parity Multisig exploit of 2017 remains one of the most impactful and instructive. Unlike typical exploits where at

0

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.devMar 8 · 14 min read

Authorisation Bypass in DVWA

1 Introduction In this post, the Authorisation Bypass vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to identify any areas where a

0

CCyberFreak999cyberfreak.hashnode.devFeb 22 · 4 min read

How to Test for IDOR Vulnerabilities

You log into a web app to download your invoice. The URL looks harmless: https://example.com/invoice?id=4521 Out of curiosity, you change the number to 4520. You suddenly see someone else’s invoice.

0

SSifytechnologiespublic-cloud.hashnode.devFeb 10 · 12 min read

AI Workload Security: What Every Business Leader Must Know

Table of Contents Introduction The Business Risk Landscape of AI Security Understanding AI Security Requirements for Non-Technical Leaders Key Questions to Ask Your Technology Teams Building Board-Level Oversight for AI Security Investing in AI...

0

#access-control

Search Hashnode

#access-control

Explore Hashnode

Trending tags this week

How Attribute-Based Access Control Helps You Write Better Authorization Rules

Anatomy of a Preventable Drain: What the Wasabi Protocol Exploit Teaches DeFi About Admin Key Security, Governance Architecture, and Operational Discipline

How a Voucher Validation Flaw Led to More Than €10,000 in Credit

Unprotected Admin Functionality

One Extra JSON Key: How a Harmless Profile Endpoint Became an ATO Candidate

OWASP Top 10 for DeFi – Access Control Vulnerabilities (SC01:2026)

The Parity Multisig Exploit (2017) — A Catastrophic Access Control Failure

Authorisation Bypass in DVWA

How to Test for IDOR Vulnerabilities

AI Workload Security: What Every Business Leader Must Know