What Is Broken Link Hijacking

Broken link hijacking (BLH) is a type of web attack. It exploits external links that are no longer valid. If your website or web application uses resources loaded from external URLs or ...
DevSecOps: How To Get There from DevOps

DevSecOps is a practice that merges the work done by development (Dev), security (Sec), and IT operations teams (Ops) to deliver the most efficient and effective software development practices. But why is ...
SQL Injection Cheat Sheet for Developers

In this cheat sheet, we will assume that: you are a developer or you know programming; you have limited web application security knowledge; you need to know how SQL injection attacks happen ...
Web System Hardening in 5 Easy Steps

To harden a computer system means to make it more difficult for a malicious hacker to attack. In formal terms, system hardening means reducing the attack surface – the attack surface is ...
nginx Security: How To Harden Your Server Configuration

Currently, nginx is the most popular web server, recently beating Apache. It is lightweight, fast, robust, and supports all major operating systems. It is the web server of choice for Netflix, WordPress.com, ...
Exploiting SSTI in Thymeleaf

One of the most comfortable ways to build web pages is by using server-side templates. Such templates let you create HTML pages that include special elements that you can fill and modify ...
New Web Technology & Impact on Automated Security Testing - Benjamin Daniel Mussler - PSW #655

Paul’s Security Weekly: New Web Technology & Impact on Automated Security Testing

Our core security researcher, Benjamin Daniel Mussler, has been invited to Paul’s Security Weekly podcast to participate in a discussion about new web technologies and their impact on automated security testing. Benjamin ...
What Is Website Security – How To Protect Your Website from Hacking

You protect every office computer with an antivirus. You install firewalls to prevent unwanted access to your network. But what do you do to protect your website? And what can happen ...
Why Is Directory Listing Dangerous?

Directory listing is a web server function that displays the directory contents when there is no index file in a specific website directory. It is dangerous to leave this function turned on ...
What Is the BEAST Attack

BEAST stands for Browser Exploit Against SSL/TLS. It is an attack against network vulnerabilities in TLS 1.0 and older SSL protocols. The attack was first performed in 2011 by security researchers Thai ...