The most insightful stories about Web App Security

Web App Security

Topic

128 Followers

838 Stories

Recommended stories

In
InfoSec Write-ups
by
sushil phuyal
Cookie Jar Overflow: A New Threat to HttpOnly Cookies in XSS Vulnerable Applications
Cross-Site Scripting (XSS) is often considered a beautiful attack due to its elegance and effectiveness in exploiting vulnerabilities…
6d ago
Curity
Best Practices for Storing Access Tokens in the Browser
When storing tokens, you should weigh the choice of storage against the security risks. Find out about the best solution.
Apr 19
3
Md. Mahim Bin Firoj
SQLmap cheat sheetDisclaimer: Before using the sqlmap tool, you must have proper permission to play with the database. Hacking is illegal. The author will…
5d ago
5d ago
0xbugatti
JS Review and Abuse GraphQL Result 10xBAC + Admin Panel ATODear Guys
Nov 27
5
Nov 27
5
Ihor Polataiko
Spring Security Guide. Part 10: OAuth client implementationExploring Spring Security OAuth client implementation to enable Single-Sign-On via Github. Custom implementation of OAuth2UserService
Dec 5
Dec 5

Cookie Jar Overflow: A New Threat to HttpOnly Cookies in XSS Vulnerable Applications

InfoSec Write-ups

sushil phuyal

Cookie Jar Overflow: A New Threat to HttpOnly Cookies in XSS Vulnerable Applications

Cross-Site Scripting (XSS) is often considered a beautiful attack due to its elegance and effectiveness in exploiting vulnerabilities…

6d ago

Best Practices for Storing Access Tokens in the Browser

Curity

Best Practices for Storing Access Tokens in the Browser

When storing tokens, you should weigh the choice of storage against the security risks. Find out about the best solution.

Apr 19

Md. Mahim Bin Firoj

SQLmap cheat sheet

Disclaimer: Before using the sqlmap tool, you must have proper permission to play with the database. Hacking is illegal. The author will…

5d ago

JS Review and Abuse GraphQL Result 10xBAC + Admin Panel ATO

0xbugatti

JS Review and Abuse GraphQL Result 10xBAC + Admin Panel ATO

Dear Guys

Nov 27

Spring Security Guide. Part 10: OAuth client implementation

Ihor Polataiko

Spring Security Guide. Part 10: OAuth client implementation

Exploring Spring Security OAuth client implementation to enable Single-Sign-On via Github. Custom implementation of OAuth2UserService

Dec 5

Esther Adwets

WebDecode Pico CTF Walkthrough

In cyber security, it is important to have a deep knowledge of what you intend to secure. For instance, understanding how the web works.

Aug 16

A Real-World Web Application Penetration Testing Story | Small Mistakes Leads to Major Logic Flaws

System Weakness

Onurcan Genç

A Real-World Web Application Penetration Testing Story | Small Mistakes Leads to Major Logic Flaws

Learn how to perform real-world penetration testing approach called Logic Flaws.

Nov 27

Beginner’s Guide to Web Application Pentesting

cham3leon

Beginner’s Guide to Web Application Pentesting

Are you interested in understanding and finding vulnerabilities in web applications, and strengthening their security, but do not know…

Apr 9

See more recommended stories