#secure-coding

4d ago · 22 min read · In Part 1, we discussed the requirements of passwords according to NIST recommendations, various methods of rate limiting using sliding window and exponential backoff, and ways to avoid enumeration of

Join discussion

MNMilan Nikicsecuritydepth.hashnode.dev

0

Authentication Vulnerabilities in Java: Credential Transmission & Password Reset (Part 2)

Mar 3 · 19 min read · In Part 1, we have already discussed the password policies based on the guidelines provided by the NIST, rate limiting for preventing brute-force attacks, and preventing username enumeration through c

Join discussion

RNRuntime Noderuntime-node.hashnode.dev

1

I built a 45MB, 0-Vulnerability Node.js Runtime (and why you should stop using node:alpine)

Feb 27 · 4 min read · The Problem with "Standard" Images If you are a Node.js developer, your Dockerfile probably starts with one of two lines: FROM node:24 or FROM node:25 (Debian-based) FROM node:24-alpine or FROM node

Kklement commented

EWEricson Williansscarletbuffer.hashnode.dev

0

When Deserialization Meets eval(): Anatomy of a Full-Stack Compromise

Feb 26 · 5 min read · Security incidents rarely hinge on a single catastrophic bug. More often, they emerge from layered design shortcuts — each individually survivable, but collectively fatal. This case study examines a r

Join discussion

MNMilan Nikicsecuritydepth.hashnode.dev

0

Authentication Vulnerabilities in Java: Password Security & Rate Limiting (Part 1)

Feb 23 · 17 min read · Authentication is the most critical security boundary within a web application. A user claims to be Alice: the application has to validate that claim before granting access. Despite the long history o

Join discussion

CCyberFreak999cyberfreak.hashnode.dev

0

How to Test for IDOR Vulnerabilities

Feb 22 · 4 min read · You log into a web app to download your invoice. The URL looks harmless: https://example.com/invoice?id=4521 Out of curiosity, you change the number to 4520. You suddenly see someone else’s invoice.

Join discussion

SXShuran Xuembeddedville.hashnode.dev

0

A Practical Cortex-M Bare-Metal Secure Boot Kit

Feb 23 · 7 min read · What is secure boot? Secure boot is one of those topics that sits at the intersection of embedded software, system security, and real products. Everyone has heard of it. Many projects mention it. Fewe

Join discussion

AMAppSec Masterappsecmaster.hashnode.dev

0

Coding Security Guide: Best Practices for Safe Software

Feb 13 · 5 min read · In the digital age, Coding Security is critical for protecting software from malicious attacks. Applications, websites, and cloud services are vulnerable if developers overlook security measures. This guide explores core concepts, real-world examples...

Join discussion

MNMilan Nikicsecuritydepth.hashnode.dev

0

SQL Injection in Java: Defense Strategies and Detection (Part 2)

Feb 10 · 16 min read · Welcome to Part 2 of this SQL injection in Java blog series. In Part 1, we introduced SQL injection and learned about secure coding best practices for SQL injections in JDBC, JPA/Hibernate, and Spring Data JPA. The second part will discuss the securi...

Join discussion

MNMilan Nikicsecuritydepth.hashnode.dev

0

SQL Injection in Java: Secure Coding Patterns (Part 1)

Feb 3 · 12 min read · SQL injection attacks are a common issue in modern web applications. In OWASP Top 10 2025, injection errors are one of the most significant threats to web application security. SQL injection attacks have been cited as one of the most common injection...

Join discussion

Tag feed

Tag feed

#secure-coding

Authentication Vulnerabilities in Java: Session Management & Advanced Security (Part 3)

Authentication Vulnerabilities in Java: Credential Transmission & Password Reset (Part 2)

I built a 45MB, 0-Vulnerability Node.js Runtime (and why you should stop using node:alpine)

When Deserialization Meets eval(): Anatomy of a Full-Stack Compromise

Authentication Vulnerabilities in Java: Password Security & Rate Limiting (Part 1)

How to Test for IDOR Vulnerabilities

A Practical Cortex-M Bare-Metal Secure Boot Kit

Coding Security Guide: Best Practices for Safe Software

SQL Injection in Java: Defense Strategies and Detection (Part 2)

SQL Injection in Java: Secure Coding Patterns (Part 1)

#secure-coding

Search Hashnode

#secure-coding

Authentication Vulnerabilities in Java: Session Management & Advanced Security (Part 3)

Authentication Vulnerabilities in Java: Credential Transmission & Password Reset (Part 2)

I built a 45MB, 0-Vulnerability Node.js Runtime (and why you should stop using node:alpine)

When Deserialization Meets eval(): Anatomy of a Full-Stack Compromise

Authentication Vulnerabilities in Java: Password Security & Rate Limiting (Part 1)

How to Test for IDOR Vulnerabilities

A Practical Cortex-M Bare-Metal Secure Boot Kit

Coding Security Guide: Best Practices for Safe Software

SQL Injection in Java: Defense Strategies and Detection (Part 2)

SQL Injection in Java: Secure Coding Patterns (Part 1)