Best of Web Security 2023

  1. Article
    freeCodeCamp · 3y

    Key Computer Science Concepts Every Software Engineer Should Know – and How to Learn Them

    The more fundamentals you know, the less you will struggle when learning new things. There are 10 core subjects which, if you learn them, will give you a solid foundation. The book I recommend for learning programming is Structure and Interpretation of Computer Programs (SICP). The book is free and has a set of MIT lectures.

  2. Article
    LogRocket · 3y

    Using Helmet in Node.js to secure your application

    Helmet.js is middleware that improves the security of Node.js applications by setting protective HTTP response headers. It helps defend against common threats such as XSS and clickjacking. Integrating Helmet into a Node.js Express app is simple and only requires a few lines of code.

  3. Article
    Cloudflare · 3y

    Cloudflare is free of CAPTCHAs; Turnstile is free for everyone

    Cloudflare has eliminated CAPTCHAs and made Turnstile, its bot-stopping solution, available for free to all website operators. Turnstile's checkbox challenge is just as effective as a CAPTCHA without requiring user interaction. It uses a variety of in-browser tests to analyze browser characteristics and detect bots. Over 1 million automated signup attempts have been blocked by Turnstile. During the beta, Turnstile incorporated feedback and added new features, such as support for additional languages and error code transparency. Turnstile is now generally available and free to use.

  4. Article
    freeCodeCamp · 3y

    What is Tabnabbing and How to Prevent it

    Tabnabbing is a type of phishing attack that targets inactive browser tabs, redirecting users to malicious sites that resemble legitimate ones. To prevent tabnabbing, add `rel="noopener noreferrer"` to links that open in a new tab.

  5. Article
    InfoSec Write-ups · 3y

    JWT [JSON WEB TOKENS] [EXPLANATION & EXPLOITATION] (0x02)

    This post explains the concept of JSON Web Tokens (JWT), focusing on the explanation and exploitation of JWT header parameters such as `jwk` and `jku`. It provides examples and discusses techniques for exploiting these parameters.

  6. Article
    Dev Genius · 3y

    My Client Website Got Hacked: Lessons Learned and Steps to Strengthen Website Security

    Lessons learned from a client's website being hacked, and the steps taken afterwards to strengthen its security.

  7. Article
    Cloudflare · 3y

    Cloudflare mitigates record-breaking 71 million request-per-second DDoS attack

    Cloudflare mitigated a record-breaking DDoS attack peaking at 71 million requests per second. The attacks were HTTP/2-based and targeted websites protected by Cloudflare. The post discusses the rise in DDoS attacks and provides steps to defend against them.