Collaborate Disseminate
Introduction:
We heavily use external libraries, such as DataTables, in combination with interpolation. In Angular, we’ve identified two primary XSS prevention strategies:
Interpolation ({{ }})
Direct Sanitization with DomSanitizer.saniti… Continue reading Security in Angular: Addressing XSS Concerns with External Libraries and Interpolation
I wonder what Session Fixation exploit possibilities still exist today in case the website does not change the Session-ID in a cookie after login other than the following:
XSS
MiTM
open redirect vuln
We’ve encountered a customer website … Continue reading Session Fixation PoC
I want to test an Angular SPA for any DOM-based XSS. How do I do that with OWASP ZAP?
Continue reading How to test an Angular SPA for DOM XSS with OWASP ZAP?
We are currently looking for a suitable training format to train our web developers in security related topics and secure coding. There are quite a few different providers and courses online. It is difficult to find out which one is the ri… Continue reading Recommended security training for Web Developers [closed]
I’m currently trying to get some knowledge in SQL injection. In a pen test environment, there is a challenge on which you get the PHP file and you need to try to login using SQL Injection. I’ve already tried several injections but cannot f… Continue reading SQL Injection Training challenge including a PHP file