A Shallow Dive Into crossOriginIsolated Property in Browsers
[IN PROGRESS] I've wondered what the crossOriginIsolated property in browsers is and why it is only true when the Cross-Origin-Opener-Policy and Cross-Origin-Embedder-Policy response headers are set. After diving into it I've come up with what I believe is the reason. But first allow me to give a little context. The internet was taken by storm when two vulnerabilities, Meltdown and Spectre, that affected nearly all devices online suddenly dropped. They are speculative execution attacks that can allow an at...
Web App Security Checklist
High Importance

1. Authorisation Failures
   All auth to be done solely in the backend.
   All endpoints must have authN and authZ; anonymous routes must have an explicit carve-out.
   IDOR: just because a role has access to an endpoint doesn't give it unrestricted access to all objects via that endpoint.
   e.g. Admins that have access to createUserAccount(username, role) should not be allowed to pass role=SuperAdmin. The following should not be allowed:
     Admin creating SuperAdmin
     Admin self-escalating to SuperAdmin...
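As an added example (not the checklist's own code): a small backend that applies the items above, with authN enforced by default and anonymous routes carved out explicitly, the createUserAccount(username, role) rule that an Admin can neither create a SuperAdmin nor escalate themselves, and an object-level check for an order endpoint. The role ranking, the in-memory store, the route table and the session objects are assumptions for illustration.

```javascript
// Added example, not the checklist's own code: a backend that applies the
// first checklist items. Roles, the in-memory store, the route table and the
// session objects are assumptions for illustration.
const ROLE_RANK = { User: 1, Admin: 2, SuperAdmin: 3 };

class AuthzError extends Error {}

// An actor may only grant roles strictly below their own. The actor always
// comes from the server-side session, never from the request body.
function canGrantRole(actor, role) {
  if (!(role in ROLE_RANK)) return false;
  return ROLE_RANK[actor.role] > ROLE_RANK[role];
}

// Denies: Admin creating SuperAdmin, Admin creating Admin, Admin changing
// their own role (self-escalation), and non-admins calling this at all.
function createUserAccount(actor, users, username, role) {
  if (ROLE_RANK[actor.role] < ROLE_RANK.Admin) throw new AuthzError("Admin role required");
  if (username === actor.username) throw new AuthzError("cannot change own role");
  if (!canGrantRole(actor, role)) throw new AuthzError(`${actor.role} cannot grant ${role}`);
  const account = { username, role };
  users.set(username, account);
  return account;
}

// IDOR guard: having access to GET /orders/:id does not grant access to every
// order. Unknown and foreign ids both yield undefined (404), so ids cannot be
// enumerated by telling 403 and 404 apart.
function getOrder(actor, orders, orderId) {
  const order = orders.get(orderId);
  if (!order || order.owner !== actor.username) return undefined;
  return order;
}

// Route table: every route requires a session unless explicitly marked
// anonymous (the carve-out), so a forgotten flag fails closed.
const ROUTES = {
  "GET /health": { anonymous: true, handle: () => ({ ok: true }) },
  "POST /users": {
    handle: (ctx) => createUserAccount(ctx.actor, ctx.db.users, ctx.body.username, ctx.body.role),
  },
  "GET /orders/:id": { handle: (ctx) => getOrder(ctx.actor, ctx.db.orders, ctx.params.id) },
};

// Minimal dispatcher standing in for a web framework. `session` is the
// server-side session (or null for an unauthenticated caller).
function dispatch(db, session, method, path, params = {}, body = {}) {
  const route = ROUTES[`${method} ${path}`];
  if (!route) return { status: 404 };
  if (!route.anonymous && !session) return { status: 401 };
  try {
    const result = route.handle({ actor: session, db, params, body });
    return result === undefined ? { status: 404 } : { status: 200, body: result };
  } catch (e) {
    if (e instanceof AuthzError) return { status: 403, error: e.message };
    throw e;
  }
}
```

The design choice worth copying is that the deny decisions never consult anything the client sent except the target username and role: the actor's identity and role come from the session, and the only way to get a route without a session is to mark it anonymous in the table.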
XSS - Security Awareness
The following is a short piece of educational content I made to train the developers at my company.
Video: https://drive.proton.me/urls/ZHJBA1MSZ8#sTJuTPKViUko
Script
This video's topic is cross-site scripting, aka XSS. XSS is a vulnerability where attacker-controlled input is executed in a user's browser, often as HTML or JavaScript. In other words, the application treats untrusted input as code rather than as data. A simple example is a website that asks for a name or surname. Instead of entering a normal ...
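As an added example that is not part of the video script: the "name or surname" form it describes, rendered first the vulnerable way and then the hardened way, plus a link renderer to show that output encoding is context-specific (entity-encoding alone does not neutralise a javascript: URL inside href). The templates, the assumed site origin and the payloads are constructed for illustration.

```javascript
// Added example, not the video's script: the "name or surname" form the video
// describes, rendered the vulnerable way and the hardened way. The templates,
// SITE_ORIGIN and the payloads are constructed for illustration.

// Vulnerable: untrusted input is spliced straight into HTML, so a value like
// <script>alert(1)</script> is parsed as markup and runs in the viewer's browser.
function renderGreetingUnsafe(name) {
  return `<p>Hello, ${name}!</p>`;
}

// HTML text/attribute-value encoding: the five characters that can open or
// close markup are replaced by entities, so the input stays data.
function escapeHtml(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (c) => map[c]);
}

function renderGreetingSafe(name) {
  return `<p>Hello, ${escapeHtml(name)}!</p>`;
}

// Encoding is context-specific. Inside href/src, entity-encoding does not stop
// a javascript: URL, so URL contexts also need scheme validation. Relative
// URLs are resolved against an assumed site origin.
const SITE_ORIGIN = "https://example.invalid/";
function safeHttpUrl(url) {
  try {
    const parsed = new URL(String(url), SITE_ORIGIN);
    return parsed.protocol === "https:" || parsed.protocol === "http:" ? parsed.href : "about:blank";
  } catch {
    return "about:blank";
  }
}

// Attribute values are always quoted and encoded; the label goes through the
// text encoder. A payload like `" onmouseover="alert(1)` cannot close the quote.
function renderLinkSafe(label, url) {
  return `<a href="${escapeHtml(safeHttpUrl(url))}">${escapeHtml(label)}</a>`;
}
```

In a real application the encoding is normally done by the template engine's default auto-escaping rather than by hand; the point of spelling it out is to show why the unsafe version turns data into code and what the safe version changes.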
Pentesting tools
Static analysis
  SonarQube https://www.sonarsource.com/
FOSS
  ZAP https://github.com/zaproxy/zaproxy
  Nuclei https://github.com/projectdiscovery/nuclei
  Nettacker https://github.com/OWASP/Nettacker
  Nikto https://github.com/sullo/nikto
  Arachni https://github.com/Arachni/arachni
  Wapiti https://github.com/wapiti-scanner/wapiti
  ThreatMapper https://github.com/deepfence/ThreatMapper
Freemium
  Burp https://portswigger.net/burp
  Caido https://github.com/caido/caido
  Metasploit https://www.metasploi...