If you’re a web developer, you’re probably familiar with .htaccess. If you’re not, let me give you a quick introduction:.
An old Ticket System Security Analysis
Since I started building websites a few years ago, I’ve created a few projects. Some of them never saw daylight,.
BreachDirectory has passed the 5 Billion record mark – here’s what it means
When I first began creating BreachDirectory, I thought I’d see at most a hundred million records. Okay, maybe half.
Your passwords are terrible, and it’s time to do something about it
You know what surprises me the most in regards to data breaches? It’s the fact that people still continue.
A journey back in time: The analysis of the first version of my WAF
As you might already know, back in 2014, I developed a custom Web Application Firewall. You’ll see one adorning.
10 ways to increase the security of your WordPress application
When someone mentions WordPress, you will often hear people saying “don’t use it, it’s insecure”. In a sense, those.
How I could have pwned my highschool (SQLi, CSRF, Hardcoded Passwords & XSS) Part 2: Investigating the Breach
Honestly, this is a blog title I’ve never expected to write, but hey, data breaches happen – no website.
Your website needs a CSP. Here’s why
Here’s a scenario: You create a website and make it available online. Your website ends up getting hacked (it.
Your website has assets – You need SRI
All websites have something worth protecting. Those valuable things are frequently loaded from a CDN (Content Delivery Network) which is.