Tag feed

#web-security

252 posts35 followers

Trending tags this week

Walking An Application (TryHackMe)

1h ago · 18 min read · Link to the Walkthrough/Challenge on TryHackMe: Walking An Application Walking An Application In this room, you will learn how to manually review a web application for security issues using only the b

Join discussion

JJebitoksharonjebitok.com

0

Dive Into Pentesting (TryHackMe)

2h ago · 27 min read · Link to the walkthrough in TryHackMe: Dive Into Pentesting Introduction Penetration testing is a proactive security practice that helps organisations uncover weaknesses in their systems, applications,

Join discussion

JJebitoksharonjebitok.com

0

Web Server Attacks - I (TryHackMe)

3h ago · 33 min read · Link to the Walkthrough in TryHackMe - Web Server Attacks - I Introduction During a penetration test, you will almost always run into at least one web server. Sometimes it is a production Apache site

Join discussion

ODOladele David Temidayooladele.hashnode.dev

0

Turning a Permission Model Into a Guard

1d ago · 12 min read · This is Part 4 of the series Building Multi-Tenant Systems That Match the Real World. Part 1: Designing Multi-Tenant Backends With Both Ownership and Team Access Part 2: How to Model Teams Inside

Join discussion

AEAdeshina Emmanueleadeshina.hashnode.dev

0

I Built a Security Header Scanner That Actually Understands Redirects

4d ago · 5 min read · The problem I was solving I needed a fast, repeatable way to audit HTTP security headers on live sites. Not a full penetration test — just a focused check that tells me what's missing, what's weak, an

Join discussion

PHPablo Huertaspablohuertas.dev

0

Why WordPress sites get compromised: Root cause patterns from real incident reviews

May 19 · 17 min read · Looking back, it's rarely a surprise when a WordPress site gets hacked. When you do the forensic work, when you actually dig through the logs, the modified files, the injected code, there's almost alw

Join discussion

VVaibhaviamvs2002.hashnode.dev

0

The 40 KB File That Can Break a Server (And What It Taught Me About Zip Bombs)

May 16 · 4 min read · A 40 KB file shouldn’t be able to stress a server. But a zip bomb is exactly the kind of edge case that makes that assumption dangerous. A concept that sounds almost like a meme… until you realize how

Join discussion

HKHammad Khanhammad-khan.hashnode.dev

0

CSP Headers in Practice: Lessons From a Real Security Audit Pass

May 16 · 8 min read · CSP Headers in Practice: Lessons From a Real Security Audit Pass The first time I deployed a strict Content Security Policy in production, the application broke in three places nobody had ever thought

Join discussion

RBRhythm Bhattaraiblog.veilscan.net

0

How to Check Your Website for Vulnerabilities (Free)

May 13 · 4 min read · Most founders assume their website is secure because nothing bad has happened yet. That assumption is exactly what attackers rely on. Your website is not just the pages your users see. It includes eve

Join discussion

MAMd Asif Ullah Chowdhuryasifthewebguy.hashnode.dev

0

API Rate Limiting and Security Best Practices for 2026

May 13 · 17 min read · Three years ago, I woke up to a $1,200 AWS bill. Someone had found my staging API, scraped every endpoint for six hours straight, and triggered enough Lambda invocations to fund a small vacation. No r

Join discussion

#web-security

Search Hashnode

#web-security

Trending tags this week

Walking An Application (TryHackMe)

Dive Into Pentesting (TryHackMe)

Web Server Attacks - I (TryHackMe)

Turning a Permission Model Into a Guard

I Built a Security Header Scanner That Actually Understands Redirects

Why WordPress sites get compromised: Root cause patterns from real incident reviews

The 40 KB File That Can Break a Server (And What It Taught Me About Zip Bombs)

CSP Headers in Practice: Lessons From a Real Security Audit Pass

How to Check Your Website for Vulnerabilities (Free)

API Rate Limiting and Security Best Practices for 2026