With the race to make software development even faster, companies start to adopt a new way technique based on using already developed code components. Unfortunately, this development technique comes with many security vulnerabilities that have made the software even less secure regardless of the enhancement the used development technology has ...
Performing a penetration test against an API is very similar to performing a penetration test against a web application. Both applications use web technologies and have basically the same type of vulnerabilities. However, an API does not always offer a user interface to communicate which makes testing it more difficult. ...
After years of experience in penetration testing, I can say that one of the best things that can happen during a penetration test is to find a security misconfiguration. Unfortunately, when you look for these vulnerabilities on Google all that you get is theories or discussions and explanations of such ...
After starting to use the object-oriented development concept, new types of vulnerabilities were born. Insecure deserialization vulnerabilities were one of those vulnerabilities. Therefore, what is an Insecure Deserialization vulnerability, and how to prevent it? Insecure deserialization vulnerability happens when the web application serializes or deserializes a user-controllable object. The main ...
NFTs are digital tokens that represent unique and scarce assets on the blockchain. They have become a popular way to create, buy, and sell digital art, collectibles, music, and more. But, can NFTs be malicious? NFTs could be malicious. Even if NFTs are pieces of art, they both remain connected [...]
