Skip to main content

Web-security, best practices and pentest

List of best practices and pentest tools to prevent/attack common and complex vulnerability on web component (API, Oauth, JWT, ...). 


Prevent CSRF, XSS and XSF attacks

Best practices to audit and configure web app again CSRF, XSS and XSF attacks

Introduction

Useful links : XSS attacks What is cross-site scripting (XSS) and how to prevent it? | Web Secu...

CSRF attacks

Definition SRF (Cross-Site Request Forgery) attacks involve tricking authenticated users into un...

XSS attacks

Definition XSS (Cross-Site Scripting) attacks are security vulnerabilities in web applications w...

How to safely use JWT

Best practices to audit and use JWT

JWT security

JWT is safe. JWT misconfiguration is widespread and involves huge security breaches Ressources...

Pentest tools

List of useful pentest tools

Web pentest tools

List of tools used to pentest web app Safety Python dependencies check CorsTest Simple CORS m...
Back to top