Search Results

10 total results found

Security 🔐

Web-security, best practices and pentest

List of best practices and pentest tools to prevent/attack common and complex vulnerabilities in web components (API, OAuth, JWT, ...).

Security
Public

Prevent CSRF, XSS and XSF attacks

Web-security, best practices and pentest

Best practices to audit and configure web apps against CSRF, XSS and XSF attacks

How to safely use JWT

Web-security, best practices and pentest

Best practices to audit and use JWT

Pentest tools

Web-security, best practices and pentest

List of useful pentest tools

Introduction

Web-security, best practices and pentest Prevent CSRF, XSS and XSF attacks

Useful links: XSS attacks: What is cross-site scripting (XSS) and how to prevent it? | Web Security Academy. CSRF attacks: What is CSRF (Cross-site request forgery)? Tutorial & Examples | Web Security Academy. XSF attacks: Framing Attacks and Cross-frame scr...

CSRF attacks

Web-security, best practices and pentest Prevent CSRF, XSS and XSF attacks

Definition: CSRF (Cross-Site Request Forgery) attacks involve tricking authenticated users into unknowingly performing actions on a web application. The attacker exploits the trust between the victim's browser and the application to execute unauthorized actions...

XSS attacks

Web-security, best practices and pentest Prevent CSRF, XSS and XSF attacks

Definition: XSS (Cross-Site Scripting) attacks are security vulnerabilities in web applications where an attacker injects malicious scripts into trusted websites, allowing them to execute arbitrary code in the victim's browser. This can lead to unauthorized ac...

JWT security

Web-security, best practices and pentest How to safely use JWT

JWT is safe. JWT misconfiguration is widespread and involves huge security breaches. Resources: Debug and decode JWT token (mirror), Stop using JWT for web sessions, When to use symmetric signing, Exploit on JWT token, Re-signing attack. Introduction ...

Web pentest tools

Web-security, best practices and pentest Pentest tools

List of tools used to pentest web apps. Safety: Python dependencies check. CorsTest: simple CORS misconfiguration tester. OWASP ZAP: scanner, indexer, vuln discovery, interactive HUD, proxy, ...