web-application – Page 11 – WindowsTechs.com

How to escalate or make a Self-XSS vulnerability more impactful when injecting a payload into the X-Forwarded-For header of a web request?

Posted on October 17, 2023 by Giancarlo Eduardo

I’m a beginner bug bounty hunter, and I recently came across a Self-XSS vulnerability during my security testing on a target website. The vulnerability occurs when I inject a payload into the X-Forwarded-For header of a web request. Howeve… Continue reading How to escalate or make a Self-XSS vulnerability more impactful when injecting a payload into the X-Forwarded-For header of a web request?→

DIY attack surface management: Simple, cost-effective and actionable perimeter insights

Posted on October 16, 2023 by Help Net Security

Modern-day attack surface management (ASM) can be an intimidating task for most organizations, with assets constantly changing due to new deployments, assets being decommissioned, and ongoing migrations to cloud providers. Assets can be created and for… Continue reading DIY attack surface management: Simple, cost-effective and actionable perimeter insights→

Unmasking the limitations of yearly penetration tests

Posted on October 12, 2023 by Mirko Zorz

In this Help Net Security interview, Charles d’Hondt, Head of Operations, Ambionics Security, talks about the necessity of implementing continuous penetration testing because yearly ones are not enough. They leave blind spots and cannot match the… Continue reading Unmasking the limitations of yearly penetration tests→

How to learn to secure Web Applications? [closed]

Posted on October 8, 2023 by achhainsan

The server is based on Linux and applications are based on Android and iOS.
I was looking through "Linux Hardening Guide" as someone recommended it to me in order to harden Linux servers. I looked at the syllabus of the book, but… Continue reading How to learn to secure Web Applications? [closed]→

Proper HIPAA security

Posted on October 3, 2023 by Charles Nix

I am a sysadmin, though not security-specific. I was recently stunned to receive an automated email from my physician’s office (in USA) containing an HTTP link to their website for the completion of preregistration forms.
Starting on a cl… Continue reading Proper HIPAA security→

Advice on more in depth web app info gathering phase

Posted on October 2, 2023 by XyronZ

I am a junior pentester currently working for a secure messaging app that includes a webclient. Only the subdomain is in scope and other subdomains are off-limits. Social engineering is also off limits as this is a staging server that mimi… Continue reading Advice on more in depth web app info gathering phase→

Does using Apache/nginx actually improve security of a webapp?

Posted on October 1, 2023 by BigMistake

Let’s say there is a webapp where users can upload files with sensitive data and view analytics generated by the backend. Does using a reverse proxy like nginx or Apache actually help with the security of the website? I have seen this clai… Continue reading Does using Apache/nginx actually improve security of a webapp?→

WhatsApp channel [closed]

Posted on September 29, 2023 by Umunnakwe Emmanuel

I need help. Can we create WhatsApp channel or WhatsApp group chat?

Continue reading WhatsApp channel [closed]→

Optimal way to securely store password on client with server invalidation but not knowledge

Posted on September 26, 2023 by InterLinked

A number of similar questions have been asked about this general topic before (e.g. How to store user credentials in browser securely?), but I wanted to seek some clarification on a specific scenario.
I have what is essentially a stateless… Continue reading Optimal way to securely store password on client with server invalidation but not knowledge→

How to exploit a CORS that only checks the end of the Origin header?

Posted on September 24, 2023 by rudeus123

I noticed that in my website I only check that the Origin string ends with "mysite.org". Meaning that for this request:
GET / HTTP/1.1
Host: mysite.com
Origin: https://evil.com#mysite.org
Access-Control-Request-Method: GET
Author… Continue reading How to exploit a CORS that only checks the end of the Origin header?→