Collaborate Disseminate
A URL is followed by a number. Changing the number will change the content of the web page. Now I know it’s insecure direct object reference (IDOR). What should I do to fix this vulnerability?
Continue reading A URL is followed by number, what is its vulnerability?
Gopher protocol is used a lot when exploiting SSRF, but how?
a Gopher URL takes the form:
gopher://<host>:<port>/<gopher-path>
but let’s take this example:
gopher://10.10.10.3:80/_POST%20/login%20HTTP/1.1%0aContent-Ty… Continue reading SSRF trough Gopher
I’m digging into proxies and VPNs to wrap my head around their security aspects. Wondering: can a proxy server sneak a peek at my raw requests and maybe even tweak them a bit? my connections are HTTPs
Continue reading Can a proxy server view the request and response bodies? [duplicate]
I have been using lots of various APIs in my frontend lately and they all have to be properly configured with CORS and the browser always do extra OPTIONS request that only make debugging harder.
I was wondering if there could be a way of … Continue reading Is prohibiting cookies a viable CORS alternative?
Consider clientA which wants to verify payments and serverB which verifies payments.
ClientA sends around a million requests to serverB’s API in 1 day.
However, only 1% of the requests from clientA succeed and give a 200 response. The rest… Continue reading How do you verify if a request is from a genuine user or from a malicious user?
HMAC signatures are very commonly used for webhook authorization from service to consumer.
Examples:
Stripe
Slack
Twilio
Twitter
GitHub
and hundreds and hundreds more. This seems a near universal design decision.
Yet, the other direction… Continue reading Why are HMAC signatures frequently used for webhook authorization but not other HTTP API requests?
TLS unique value is present in TLS 1.2 version.
In Golang, I can get the value of the TLS unique value from the http response through the field TLS.
I’d like know how I can get it from Apache.
Is there an environment variable that already … Continue reading How to retrieve TLS unique value from Apache?
I am writing a mobile application for an already existing web app.
In the backend, I implemented the usual cookie-based session ID authentication. with a CSRF token generated on login and sent with each request in a custom header.
the prob… Continue reading Is it secure to use session ID as authentication token received from an HTTP header?
I have developed a website with codeigniter 3 and I have also updated it to the latest version of codeigniter.
My website has been hacked in the same way for several days.
The hacker puts two files in my root of host (public_html directory… Continue reading Codeigniter website is hacked regularly by an unknown method [closed]
With standard XSSI, an attacker can include a remote script which contains user-bound secrets across origins, and then read them out.
I have an endpoint which returns sensitive Javascript code, but the request to fetch it is POST-based (th… Continue reading Is POST-based XSSI possible?