DEV Community

Security

Hopefully not just an afterthought!

Posts

Stop Guessing: What is a JWT?

154
Comments 13
5 min read
How 4 lines of Java code end up in 518772 lines in production.

60
Comments 13
3 min read
CVE Binary Tool: GSoC Final Report

6
Comments 1
6 min read
Spring security with JWT based login [Without OAuth]

3
Comments
1 min read
CORS in short

8
Comments
1 min read
3 Static Application Security Testing advantages (SAST) You Should Know

8
Comments 1
4 min read
HarperDB's New Approach to Role Permissions

37
Comments
3 min read
Fundamentals of Vulnerability Management with Open Source Tools

3
Comments 2
8 min read
Using HTTP headers to debug live sites

6
Comments
4 min read
Today's rabbit hole: securing JWTs for authentication, httpOnly cookies, CSRF tokens, secrets & more

26
Comments 9
11 min read
Hide your api keys from your android manifest file with Flutter using local.properties

23
Comments 7
2 min read
JSON Web Token: Authorization RESTful API by using JWT

7
Comments
3 min read
A Story of Rusty Containers, Queues, and the Role of Assumed Identity

20
Comments
14 min read
What Cybersecurity Professionals Have Learned From The Lockdown Experience

6
Comments
4 min read
Creating and using an SSH key pair on Windows

2
Comments
4 min read
JWTs: Which Signing Algorithm Should I Use?

6
Comments 3
10 min read
Reactive Security Filter with Spring & Kotlin

6
Comments
4 min read
30D2R - April: Windows Exploitation Basics

3
Comments
4 min read
Firebase Firestore Rules with Custom Claims - an easy way

24
Comments 4
3 min read
4 ways to inject secrets into an application

8
Comments 2
2 min read
✋🏼🔥 CS Visualized: CORS

1508
Comments 83
9 min read
A Step-by-Step Guide to Setting Up a Node.js API With Passport-JWT

75
Comments 3
6 min read
Spring security using OAuth2 with AngularJs [JWT]

7
Comments
3 min read
Bcrypt Step by Step

8
Comments
5 min read
Authenticating APIs with Cognito

4
Comments
2 min read
If you’re not using SSH certificates you’re doing SSH wrong | Episode 2: Certificates improve usability, operability, & security

111
Comments 4
6 min read
Randomness, what did you expect ?

10
Comments 2
8 min read
Top 3 Emerging Technologies That Define ‘Future’ Cybersecurity!

3
Comments 1
3 min read
Diana Initiative CTF

8
Comments
7 min read
Azure Architecture Scenario: Protect an Azure App Service with a Cloud Hosted WAF (DNS Based)

6
Comments
4 min read
Buffer Overflow ASLR Bypass on HackTheBox October - with Metasploit

2
Comments
14 min read
If you’re not using SSH certificates you’re doing SSH wrong | Episode 1: Keys versus Certificates

37
Comments
5 min read
If you’re not using SSH certificates you’re doing SSH wrong | Episode 3: An ideal SSH flow

31
Comments 2
5 min read
Using sub-accounts in AWS

3
Comments
4 min read
Secure gRPC service with .NET Core and Azure Active Directory

14
Comments
6 min read
My Favorite Privacy Tools in 2020: Be Safer on the Internet!

123
Comments 21
3 min read
Dev tools for databases, what is out there?

17
Comments 5
1 min read
Disable SSL certificate validation in Spring RestTemplate

9
Comments 2
2 min read
noopener, noreferrer, and nofollow - When to use them? How can these prevent Phishing Attacks?

11
Comments
6 min read
Linux Socket Monitoring

4
Comments
2 min read
JS-X-Ray 2.0

8
Comments
5 min read
Django JWT Auth

4
Comments
4 min read
HIPAA Compliant Mobile Apps With Ionic

13
Comments 1
4 min read
Rodauth: A Refreshing Authentication Solution for Ruby

13
Comments
14 min read
Working with Proof Key for Code Exchange (PKCE)

36
Comments 1
7 min read
Secure code review: Bonus - Who reviews the code?

7
Comments
2 min read
I created the official MLH Fellowship CTF competition... as a fellow

25
Comments 1
4 min read
How should you secure your API token?

2
Comments
6 min read
🚀 How to add Themis crypto-library to your app with 1 line of code

6
Comments
2 min read
Setting up mTLS and Kestrel (cont.)

6
Comments
7 min read
Do airplanes still use floppy disks for updates? Why?

2
Comments
7 min read
Secure code review: Part 8 - Statically testing

5
Comments
2 min read
Exploring Certificates

8
Comments
4 min read
Introduction to Kerberos

9
Comments
5 min read
[DevSecOPS] #6 After Implementing Visualization (DB Server Edition)

5
Comments
1 min read
LocalStorage vs Cookies: All You Need To Know About Storing JWT Tokens Securely in The Front-End

697
Comments 46
7 min read
Setting up Auth Routes with Express

35
Comments
7 min read
Secure code review: Part 7 - Well-known attacks

5
Comments
3 min read
What is a Web Application Firewall? Explained with Example

7
Comments 1
1 min read
[DevSecOPS] #5 After Implementing Visualization (AP Server Edition)

7
Comments
2 min read