#secure-coding

4d ago · 22 min read · In previous part 1, we discussed the basics of directory traversal attacks, attack vectors, vulnerable code structures, and the essential mitigation techniques, including secure Spring Boot usage. In

Join discussion

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

0

Insecure CAPTCHA in DVWA

5d ago · 27 min read · 1 Introduction In this post, the Insecure CAPTCHA vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to bypass the poor CAPTCHA system

Join discussion

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

0

Weak Session IDs in DVWA

Apr 12 · 16 min read · 1 Introduction In this post, the Weak Session IDs vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to work out how the ID is generat

Join discussion

MNMilan Nikicsecuritydepth.hashnode.dev

0

Directory Traversal in Java: A Comprehensive Security Guide (Part 1)

Apr 7 · 16 min read · Directory traversal vulnerabilities are at the core of a failure in the boundary between application logic and filesystem access. There is a tendency to focus on SQL injection, but directory traversal

Join discussion

Aarunadevquaters.hashnode.dev

0

Security in Mobile App Development: What Founders Get Wrong

Apr 6 · 4 min read · Most founders think security is something you “add later.”That mindset is exactly why apps get breached, users lose trust, and startups lose momentum overnight. Security isn’t a feature. It’s your fou

Join discussion

SMShubham Mishrasammy-secops.hashnode.dev

1

From Security Tool to Credential Stealer: The TeamPCP Trivy Supply Chain Attack

Apr 3 · 40 min read · TL;DR — Read This First On March 19, 2026 at approximately 17:43 UTC, threat actor group TeamPCP silently redirected trivy-action@0.34.2 — a real, trusted release already running in thousands of CI/CD

CCorrelic commented

SSSanket Shahblogs.deuexsolutions.com

0

Jenkins and DevSecOps: Automating Secure Software Delivery

Mar 31 · 7 min read · Why Secure Software Delivery Has Become a Priority Software delivery used to focus on speed. Teams wanted faster releases, quicker deployments, and shorter feedback cycles. That focus has shifted. Now

Join discussion

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

0

JavaScript Attacks in DVWA

Mar 26 · 21 min read · 1 Introduction In this post, the JavaScript Attacks vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to analyse and manipulate the J

Join discussion

TGTomer goldsteinshipsafe.hashnode.dev

0

Why AI Coding Tools Ship Insecure Code (And What To Do About It)

Mar 24 · 4 min read · I've been building a security scanner for the past few months, specifically designed for apps built with AI coding tools like Cursor, Lovable, Bolt.new, and v0. To validate whether the tool was actual

Join discussion

ATArchibald Titanarchibaldtitan.hashnode.dev

0

The Developer's Guide to Secure Coding Practices

Mar 24 · 2 min read · The Developer's Guide to Secure Coding Practices In today's interconnected world, writing secure code is more important than ever. It helps protect applications from vulnerabilities that could be exploited by malicious actors. This guide covers essen...

Join discussion

Tag feed

Tag feed

#secure-coding

Trending tags this week