Topic    #web security



what-is-the-difference-between-site-and-origin
2022-06-22    nishant.07@gmail.com

This post explains the difference between site and origin

file-upload-vulnerability-of-web-applications
2022-06-14    nishant.07@gmail.com

This post explains the file upload vulnerability of web applications

Client-Side-Data-Stores
2022-06-13    nishant.07@gmail.com

Client-Side Data Stores

Phishing-attacks
2022-05-31    nishant.07@gmail.com

This post describes phishing attacks

web-security-in-a-nutshell
2022-05-30    nishant.07@gmail.com

Web security in a nutshell

What-is-SSRF
2022-05-29    nishant.07@gmail.com

This post explains server-side request forgery

What-are-open-redirects
2022-05-29    nishant.07@gmail.com

This post explains what open redirects are

clickjacking-attack
2022-05-28    nishant.07@gmail.com

This post describes the clickjacking attack

HTTP-Host-header-attacks
2022-05-28    nishant.07@gmail.com

This post explains HTTP Host header attacks

What-is-X-Forwarded-Host
2022-05-28    nishant.07@gmail.com

What is X-Forwarded-Host (XFH)

HTTP-host-header
2022-05-28    nishant.07@gmail.com

HTTP Host header

SQL-Injection
2022-05-27    nishant.07@gmail.com

This post explains the basics of SQL Injection

Strict-Transport-Security
2022-05-24    nishant.07@gmail.com

This post explains the HTTP response header Strict-Transport-Security

Content-Security-Policy
2022-05-23    nishant.07@gmail.com

This post explains the content security policy (CSP) in detail

what-are-jwt-tokens
2022-01-30    nishant.07@gmail.com

What are JWT tokens

what-is-cors
2022-01-24    nishant.07@gmail.com

What is CORS

What-is-XSS-attack
2022-01-20    nishant.07@gmail.com

What is an XSS attack

How-does-https-work-A-simple-explanation
2022-01-08    nishant.07@gmail.com

How does HTTPS work? A simple explanation

what-is-a-SSL-certificate
2022-01-07    nishant.07@gmail.com

This post explains what an SSL certificate is

Securing-REST-APIs
2021-10-10    nishant.07@gmail.com

This post explains how to secure REST APIs

HTTP-Cookies
2021-10-05    nishant.07@gmail.com

This post explains HTTP Cookies in detail

What-is-a-cross-origin-request
2021-10-03    nishant.07@gmail.com

This post explains in detail what a cross-origin request is

client-credentials-grant-flow
2021-09-03    nishant.07@gmail.com

This post explains the client credentials grant flow

OIDC-silent-authentication
2021-08-24    nishant.07@gmail.com

This post explains OIDC silent authentication

What-are-third-party-cookies
2021-08-23    nishant.07@gmail.com

This post explains what third-party cookies are

What-is-token-based-authentication
2021-08-05    nishant.07@gmail.com

This post explains what token-based authentication is and its advantages

Which-OAUTH-or-OIDC-flow-to-use
2021-08-03    nishant.07@gmail.com

This article explains which OAuth/OIDC flow to use in which situation

What-is-replay-attack
2021-07-25    nishant.07@gmail.com

This article briefly explains the replay attack

OAuth-authorization-code-flow-with-PKCE-for-native-apps
2021-07-24    nishant.07@gmail.com

OAuth authorization code flow with PKCE is now the recommended flow for native apps rather than the implicit flow.

What-kind-of-CSRF-attack-is-blocked-by-state-parameter-in-OAuth
2021-07-24    nishant.07@gmail.com

This article describes how a CSRF attack is blocked by the state parameter in OAuth

What-is-CSRF-cross-site-request-forgery
2021-07-23    nishant.07@gmail.com

This post explains what a CSRF attack is