Link List

HTTP Secu­ri­ty Head­ers are essen­tial to any web­site. Learn about the HSTS head­er, Con­tent Secu­ri­ty Pol­i­cy head­er CSP, XSS pro­tec­tion, cache con­trol, strict trans­port secu­ri­ty, set-cook­ie head­er, and many more http head­ers in this com­pre­hen­sive guide with exam­ples and take your web­site secu­ri­ty head­er game to the next lev­el with Dark­re­lay.

HTML Forms have pow­er­ful val­i­da­tion mech­a­nisms, but they are heav­i­ly under­used. In fact, not many peo­ple even know much about them. Is this because of some flaw in their design? Let’s explore.

In this paper I’ll show you how to com­pro­mise web­sites by using eso­teric web fea­tures to turn their caches into exploit deliv­ery sys­tems

Pass­word gen­er­a­tor

Tips for Keep­ing All Fron­tend Appli­ca­tions Secure

A resource when you don’t have a good back up plan after a hack. A ser­vice that promised to clean mal­ware and virus­es from a web­site.

Learn and Test DMARC

Learn and Test DMARC

The Ter­rapin attack is a pre­fix trun­ca­tion attack tar­get­ing the SSH pro­to­col, where the integri­ty of SSH’s secure chan­nel is com­pro­mised by manip­u­lat­ing sequence num­bers dur­ing the hand­shake, allow­ing an attack­er to remove mes­sages from the secure chan­nel with­out detec­tion.

The OWASP Top 10 is the ref­er­ence stan­dard for the most crit­i­cal web appli­ca­tion secu­ri­ty risks. Adopt­ing the OWASP Top 10 is per­haps the most effec­tive first step towards chang­ing your soft­ware devel­op­ment cul­ture focused on pro­duc­ing secure code.

A small gist with Javascript to try to pre­vent iframe embed­ding of your con­tent.

Web­site with the col­lec­tion of all the cheat sheets of the project.

OWASP Top 10 mod­ule that adds a few secu­ri­ty improve­ments in form of a cus­tomiz­able serv­er mid­dle­wares to your Nuxt appli­ca­tion. All mid­dle­wares can be mod­i­fied or dis­abled if need­ed. They can also be con­fig­ured to work only on cer­tain routes. By default all mid­dle­wares are con­fig­ured to work glob­al­ly.