Best practises regarding authentication in SPA/API solutions with SSO

There is really not that great information on what the best practices are for auth in SPA/API solutions. Most of them just say use JWTs and auth code flow in the SPA. There is a ton of information regarding auth in a SPA where you are requ… Continue reading Best practises regarding authentication in SPA/API solutions with SSO

Trouble understanding hash_extension tool examples for hash length extension attack (C#)

I am trying to follow the example of how a hash length extension attack works using the article here: https://www.skullsecurity.org/2012/everything-you-need-to-know-about-hash-length-extension-attacks
In this, the author has a concrete exa… Continue reading Trouble understanding hash_extension tool examples for hash length extension attack (C#)