Tag feed

#secure-coding

111 posts11 followers

Explore Hashnode

Alternatives

Trending tags this week

SKSreeram K Scode-as-a-story.hashnode.dev3d ago · 6 min read

What is XSS (Cross-Site Scripting)?

Story Time Imagine your office has a public notice board where anyone can walk up and pin messages like “Team lunch at 1 PM” and “Meeting moved to 3 PM”. Everyone trusts this board and whatever is wri

0

YPYogesh Peelaexploitnotes.hashnode.devJun 8 · 5 min read

Render & Plunder - dalCTF 2026

Challenge: Render & PlunderCategory: Web Security / Defense Challenge Description I wrote a user-profile service with a nice renderer for myself. Surely it's secure, right? Take a look and patch any

0

ZMZahradeen Muazuitxdeeni.hashnode.devMay 7 · 7 min read

SentinAI: Building an Autonomous AI Security Auditor

Modern application security tooling has a fundamental problem: Most scanners can identify suspicious patterns. Very few can actually reason about how software is exploited. That gap becomes painfully

0

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.devMay 5 · 22 min read

File Inclusion in DVWA

1 Introduction In this post, the File Inclusion vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for local file inclusion (LFI) attacks on all levels is to read

0

MNMilan Nikicsecuritydepth.hashnode.devMay 5 · 19 min read

OS Command Injection in Java: Secure Coding Patterns (Part 1)

There are times when using the Java APIs is simply not sufficient. Video processing using FFmpeg, obtaining EXIF information, integrating with legacy tools – all of these are valid reasons for accessi

0

MBMouhamed Ben Abdallaherinmin-writeups.hashnode.devMay 2 · 4 min read

File path traversal, simple case WriteUp & Walkthrough

Lab Writeup: File Path Traversal — Simple Case Platform: PortSwigger Web Security Academy Vulnerability: Path Traversal (CWE-22) Difficulty: Apprentice Tool Used: Caido (Burp Suite alternative) What

0

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.devApr 26 · 28 min read

Blind SQL Injection in DVWA

1 Introduction In this post, the Blind SQL Injection vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to find the version of the SQL

0

MNMilan Nikicsecuritydepth.hashnode.devApr 20 · 22 min read

Directory Traversal in Java: Advanced Protection and Testing (Part 2)

In previous part 1, we discussed the basics of directory traversal attacks, attack vectors, vulnerable code structures, and the essential mitigation techniques, including secure Spring Boot usage. In

0

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.devApr 18 · 27 min read

Insecure CAPTCHA in DVWA

1 Introduction In this post, the Insecure CAPTCHA vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to bypass the poor CAPTCHA system

0

WBWiktoria Blomgren Strandbergpentesting-dvwa.hashnode.devApr 12 · 16 min read

Weak Session IDs in DVWA

1 Introduction In this post, the Weak Session IDs vulnerability in the Damn Vulnerable Web Application (DVWA) is described. The objective for attacks on all levels is to work out how the ID is generat

0

#secure-coding

Search Hashnode

#secure-coding

Explore Hashnode

Trending tags this week

What is XSS (Cross-Site Scripting)?

Render & Plunder - dalCTF 2026

SentinAI: Building an Autonomous AI Security Auditor

File Inclusion in DVWA

OS Command Injection in Java: Secure Coding Patterns (Part 1)

File path traversal, simple case WriteUp & Walkthrough

Blind SQL Injection in DVWA

Directory Traversal in Java: Advanced Protection and Testing (Part 2)

Insecure CAPTCHA in DVWA

Weak Session IDs in DVWA