When developing a web application, web developers sometimes need to first turn data into a proper format so that.
2017 OWASP Top 10 for PHP Developers Part 7: Cross-Site Scripting (XSS)
We have all seen search forms, haven’t we? Take a look at mine: The above search form is pretty.
2017 OWASP Top 10 for PHP Developers Part 6: Security Misconfiguration
Web applications can be susceptible to all sorts of vulnerabilities: a web application can be vulnerable to at least.
2017 OWASP Top 10 for PHP Developers Part 5: Broken Access Control
Let’s take a scenario like so: I have a web application that allows people to buy software I created.
2017 OWASP Top 10 for PHP Developers Part 4: XML External Entities (XXE)
Ever processed XML files in your web application? If you did, you probably parsed their contents. And if you.
2017 OWASP Top 10 for PHP Developers Part 3: Sensitive Data Exposure
There is a lot of exposed data floating on the web. People hear about such events all the time.
2017 OWASP Top 10 for PHP Developers Part 2: Broken Authentication and Session Management
While browsing the web, you click on a link. The link leads you to a page like this: Looks.
Other uses of .htaccess: Making a .htaccess-based WAF
If you’re a web developer, you’re probably fammiliar with .htaccess. If you’re not, let me give you a quick introduction:.
An old Ticket System Security Analysis
Since I started building websites few years ago, I’ve created a few projects. Some of them never saw daylight,.
