Best of Security, March 2022

  1. Article
    DZone·4y

    I can probably hack your password in MINUTES!

    The average password is easily hacked in minutes by an experienced software developer. This is because of a fundamental flaw in how we were taught to create our passwords. There are simply not enough possible combinations in short passwords such as the above to be "random enough" to prevent a computer from guessing them.

  2. Article
    Ballerina·4y

    Securing Microservices with OAuth2

    This article explains how to secure your microservices deployment practically with OAuth2 using the Ballerina programming language. Let’s see how to design, implement, test, deploy and observe the system. The complete example can be found at: https://ballerina.io/examples/order-management-service.

  3. Article
    DZone·4y

    Best Practices to Secure Your API

    An Application Programming Interface (API) is a set of protocols that allow software components to interact. While APIs are a crucial part of modern applications, they are a common target of attackers to access sensitive information. With APIs increasingly becoming an attack vector, API security measures help security teams to assess security risks and have a comprehensive plan to protect them.

  4. Article
    Faun·4y

    DevOps Roadmap 2022

    DevOps skills are in high demand and constant learning is required to keep yourself in sync with market demand. This post is to share the notes that can help you. Let’s see some guidance based on my experience and understanding. DevOps Roadmap 2022: Be fundamentally strong in the networking technologies.

  5. Article
    Hacker News·4y

    LibreWolf

    LibreWolf is an independent fork of Firefox, with the primary goals of privacy, security and user freedom. It is designed to increase protection against tracking and fingerprinting techniques, while also including a few security improvements. LibreWolf also aims to remove all the telemetry, data collection and annoyances.

  6. Article
    80 LEVEL·4y

    The Beast Titan from Attack on Titan Recreated in 3D

    3D Character Artist Bassem Wageeh has recreated the Beast Titan from the anime and manga series Attack on Titan. According to the artist, this character was created to dive deep into new character art techniques, especially hair grooming. The titan was sculpted in ZBrush, textured in Substance 3D Painter, and rendered in Arnold.

  7. Article
    Codemotion·4y

    7 Cybersecurity Threats You Must Know as a Web Developer

    Web developers need to understand how these attacks work so they can patch any vulnerabilities in their own code. Cross-Site Scripting (XSS) is a serious threat affecting roughly 66% of all web applications on the market today. Hackers can steal user credentials, intercept sessions, and even bypass multi-factor authentication using cross-site scripting.

  8. Article
    GitLab·4y

    If it's time to learn DevOps, here's where to begin

    DevOps is a way to simplify development and deployment, while making the entire process more efficient. There are three basic stages, or phases – build, test, and deploy. Within these are nine other stages that will help you produce software efficiently, reliably, and with speed and agility.

  9. Article
    JavaScript in Plain English·4y

    React Security Vulnerabilities: How to Protect Your App and Fix Them

    React has become the most popular JavaScript (JS) framework. It’s used by top companies like Facebook, Netflix, Airbnb, Uber, and many more. If you’re new to React or are thinking about using it in your next project, there are some important security vulnerabilities.

  10. Article
    Auth0·4y

    Why and How to Use HTTPS in Your Local Development Environment

    The HTTPS protocol is mandatory for any website or web application. It guarantees trust and security, and its wide adoption is due to the effort of browser providers. Many developers still use HTTP in their development environment. Why should you switch to HTTPS if it's not a production environment? Let's discuss.

  11. Article
    System Weakness·4y

    Introduction to CSRF: How can a cookie get you hacked? (1/2)

    Cross-site request forgery (CSRF) is a part of the “Broken access control” vulnerability and ranks #1 in the OWASP Top 10. CSRF is a client-side vulnerability, i.e., the attacker can use any social engineering method on the authenticated user and force him to execute an unwanted action on the web application.

  12. Article
    DZone·4y

    10 JetBrains Extensions to Fight Technical Debt

    Many engineering teams are under huge pressure to build fast and often lack time to fix and clean up their codebase. In such situations, technical debt quickly builds up, and engineers are looking for ways to keep the codebase healthy while shipping fast. My last article on 10 VS Code Extensions to Fight Technical Debt got over 50,000 views and 500 reactions.

  13. Article
    System Weakness·4y

    Tools For Linux System Administrator

    The security tools listed in this article span a wide range — from network security tools to intrusion detection and prevention systems. Nikto is mainly used for Web security. ClamAV helps our machines fight against malware. Lynis is a free, open source and extensible security auditing tool used by many security auditors.

  14. Article
    Riot Games·4y

    Getting into the Guts of Berserk

    Jeffrey Doering is the primary engineer on the Renata Glasc pod. The Chem-Baroness’s ultimate is a slow cloud of fumes that applies a new type of crowd control called “Berserk” to enemies it passes through. In this article, he explains how we went from a hacky prototype spell to a game-changing ultimate.

  15. Article
    InfoSec Write-ups·4y

    Top Ethical Hacking Tools and Software for 2022

    Surendra Pander is a security researcher, ethical hacker, bug bounty hunter & online cybersecurity educator from India. If you want personal training from me, you can message me on Instagram or Twitter; links are given below. Top Ethical Hacking Tools and Software for 2022.

  16. Article
    InfoSec Write-ups·4y

    Pentesting: The Relevance, Top 10 Tools, And More

    Pentesting is a permitted simulated cyberattack on a computer system or network. The main motive of pentesting activity is to find loopholes in the system before the hackers do and fix them. Pentesters are also known as ethical hackers who help organizations by pointing out security loopholes in their computer systems.