When learning how to find, exploit, or prevent security vulnerabilities, it’s important to understand the root causes of the vulnerability and what actually makes an application vulnerable.

Today, let’s talk about an extremely common vulnerability, XSS, it’s mechanisms, and how you can spot it in source code.

How XSS happens

Cross-site scripting vulnerabilities…

Main Branch is a comic strip for developers produced by James Gilbreath, Jason Green, and Vickie Li.

You’ve probably heard of the OWASP top ten or the top ten vulnerabilities that threaten web applications. OWASP also periodically selects a list of top ten vulnerabilities that threaten APIs, called the OWASP API top ten.

The current API top ten:

• Broken Object-Level Authorization,
• Broken User Authentication,
• Excessive Data Exposure,
• …

In this episode of Sources and Sinks, I got the opportunity to sit down with Ben Sadeghipour, known online as NahamSec, about the experience of being a content creator in the infosec space. …

Main Branch is a comic strip for developers produced by James Gilbreath, Jason Green, and Vickie Li.

Main Branch is a comic strip for developers produced by James Gilbreath, Jason Green, and Vickie Li.

You’ve probably heard of the OWASP top ten or the top ten vulnerabilities that threaten web applications. OWASP also periodically selects a list of top ten vulnerabilities that threaten APIs, called the OWASP API top ten.

The current API top ten are Broken Object Level Authorization, Broken User Authentication, Excessive…

Main Branch is a comic strip for developers produced by James Gilbreath, Jason Green, and Vickie Li.