Category "security"

XSS attack still works despite htmlspecialchars() doing its work

Hi, I am trying to filter outputs of users who will put free text and want to prevent XSS attacks, so I tried this function I made to check: <?php $patterns = [

How to add the username and passwords to a request in Java Spring

I'm currently trying to add security to my Spring application and just want to know how I can add the credentials to the request so that it has the security acc

Bitbucket: Show value of variables marked as secret

For one of my repos I need to see the value I set to a secure property of a deployment (created as described in https://support.atlassian.com/bitbucket-cloud/do

Is there a way to prevent basic auth from popping up inside an iframe other than a white list?

I'm looking for a way to forbid basic auth from popping up inside an iframe, and the only option I see is the creation of a white list inside the CSP, but it doesn't

Handling the token expiration in FastAPI

I'm new to FastAPI security and I'm trying to implement the authentication thing and then use scopes. The problem is that I'm setting an expiration time for t

Safe regex patterns from ReDoS attacks

I've recently faced some ReDoS attack issues. Explain in simple steps: Regex denial of service: it means the attacker can put some malicious/crafted input

Allow non-root user of container to execute binaries that need capabilities

I need to run a container as a non-root user by default. However, a specific process inside this container needs to execute a binary that needs cap_net_admin capab

Best practice: Generate email link to bypass authentication

I've got a standard OAuth model for authenticating users via an email/password combination. I would like to implement my own mechanism to generate a one-time token, st

TFS 2018 - Set permissions for single dashboard

In TFS 2018 on-premises server, is it possible to set permissions for a single dashboard, separately from the other dashboards in that project? I have multiple

ASP.NET Client Certificate Authentication - Issue with website re-prompting for client PIN

I have an ASP.NET 5 web application that is set up to use client certificate authentication, specifically a DoD CAC. I followed Microsoft's guidance (here) to se

OAuth 2: can I use Post Form Response and PKCE at the same time?

I am trying to secure an SPA. Now there are recommendations to use PKCE, which is fine; there are also a lot of articles which suggest using post form response, howe

UEFI secure boot: how are (or will) PCIe devices (firmware) checked?

Recently I've been searching for info about whether PCIe devices are involved in UEFI secure boot, and if so, how it is done. From the UEFI specification, the main boo

OpenVAS setup won't connect to dl.greenbone.net

I'm a beginner here; I'm using a Raspberry Pi 4 running Raspbian OS. I'm trying to run sudo openvas-setup but it just fails to connect to dl.greenbone.net over a

Obfuscate React code in production by automatically changing all the function and variable names

Are there any libs that help obfuscate a React build for production? Something like: const MyComp = () => { const {propa, propb} = useMyfunc() return(...)

OAuth clarification

I've followed a training in Go as an introduction to microservices architecture a while ago. Getting back to this project I realise that I need more context as

What is the point of X-CSRF-TOKEN or X-XSRF-TOKEN; why not just use a strict SameSite cookie?

Frameworks such as Laravel and others require you to place the CSRF token in your HTML forms. However, at the same time Laravel comes by default with the VerifyCsrf

How to resolve External Control of File Name or Path (CWE ID 73)

I am working on fixing Veracode issues in my application. Veracode has highlighted the flaw "External Control of File Name or Path (CWE ID 73)" in the code below.

How to protect PDF files from being downloaded or copied

I'm developing a new website with PHP & MySQL. The website is for an online eBook library that grants access to its books based on paid subscription plans.

How to bypass SSL Pinning of an Android App

I want to bypass the SSL pinning of an Android app using the Frida Server method. I have followed the whole process described in this (https://blog.it-securityg

JMeter performance plugin has an XXE vulnerability. Any other alternatives?

JMeter performance plugin is listed with a vulnerability: https://plugins.jenkins.io/performance/ So currently it's not safe to use this plugin (https://www.jenkins