#secure-coding

May 7 · 7 min read · Modern application security tooling has a fundamental problem: Most scanners can identify suspicious patterns. Very few can actually reason about how software is exploited. That gap becomes painfully

Join discussion

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

0

File Inclusion in DVWA

May 5 · 22 min read · 1 Introduction In this post, the File Inclusion vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for local file inclusion (LFI) attacks on all levels is to read

Join discussion

MNMilan Nikicsecuritydepth.hashnode.dev

0

OS Command Injection in Java: Secure Coding Patterns (Part 1)

May 5 · 19 min read · There are times when using the Java APIs is simply not sufficient. Video processing using FFmpeg, obtaining EXIF information, integrating with legacy tools – all of these are valid reasons for accessi

Join discussion

MBMouhamed Ben Abdallaherinmin-writeups.hashnode.dev

0

File path traversal, simple case WriteUp & Walkthrough

May 2 · 4 min read · Lab Writeup: File Path Traversal — Simple Case Platform: PortSwigger Web Security Academy Vulnerability: Path Traversal (CWE-22) Difficulty: Apprentice Tool Used: Caido (Burp Suite alternative) What

Join discussion

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

0

Blind SQL Injection in DVWA

Apr 26 · 28 min read · 1 Introduction In this post, the Blind SQL Injection vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to find the version of the SQL

Join discussion

MNMilan Nikicsecuritydepth.hashnode.dev

0

Directory Traversal in Java: Advanced Protection and Testing (Part 2)

Apr 20 · 22 min read · In previous part 1, we discussed the basics of directory traversal attacks, attack vectors, vulnerable code structures, and the essential mitigation techniques, including secure Spring Boot usage. In

Join discussion

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

0

Insecure CAPTCHA in DVWA

Apr 18 · 27 min read · 1 Introduction In this post, the Insecure CAPTCHA vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to bypass the poor CAPTCHA system

Join discussion

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.dev

0

Weak Session IDs in DVWA

Apr 12 · 16 min read · 1 Introduction In this post, the Weak Session IDs vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to work out how the ID is generat

Join discussion

MNMilan Nikicsecuritydepth.hashnode.dev

0

Directory Traversal in Java: A Comprehensive Security Guide (Part 1)

Apr 7 · 16 min read · Directory traversal vulnerabilities are at the core of a failure in the boundary between application logic and filesystem access. There is a tendency to focus on SQL injection, but directory traversal

Join discussion

Aarunadevquaters.hashnode.dev

0

Security in Mobile App Development: What Founders Get Wrong

Apr 6 · 4 min read · Most founders think security is something you “add later.”That mindset is exactly why apps get breached, users lose trust, and startups lose momentum overnight. Security isn’t a feature. It’s your fou

Join discussion

Tag feed

Tag feed

#secure-coding

Trending tags this week