Posts
Unsafe deserialization
Threat Modeling How-To
Logging
Secrets in applications
IDOR
Vulnerable Components
Bypassing MFA
Abuse Stories
CSP Frame Ancestors
Clickjacking
Secrets in Logs
Development Lifecycle
CSP: Content Security Policy
CSP: protecting against XSS with script-src
XSS: Cross-site scripting
Subresource Integrity