Web applications can be susceptible to all sorts of vulnerabilities: a web application can be vulnerable to at least.
2017 OWASP Top 10 for PHP Developers Part 5: Broken Access Control
Let’s take a scenario like so: I have a web application that allows people to buy software I created.
2017 OWASP Top 10 for PHP Developers Part 4: XML External Entities (XXE)
Ever processed XML files in your web application? If you did, you probably parsed their contents. And if you.
2017 OWASP Top 10 for PHP Developers Part 3: Sensitive Data Exposure
There is a lot of exposed data floating on the web. People hear about such events all the time.
2017 OWASP Top 10 for PHP Developers Part 2: Broken Authentication and Session Management
While browsing the web, you click on a link. The link leads you to a page like this: Looks.
Other uses of .htaccess: Making a .htaccess-based WAF
If you’re a web developer, you’re probably familiar with .htaccess. If you’re not, let me give you a quick introduction:.
An old Ticket System Security Analysis
Since I started building websites a few years ago, I’ve created a few projects. Some of them never saw daylight,.
BreachDirectory has passed the 5 Billion record mark – here’s what it means
When I first began creating BreachDirectory, I thought I’d see at most a hundred million records. Okay, maybe half.
Your passwords are terrible, and it’s time to do something about it
You know what surprises me the most in regards to data breaches? It’s the fact that people still continue.