Secure Code Explain
Explore the world of web security on my blog with in-depth analysis of different types of vulnerabilities and their corresponding secure code solutions. From SQL injection to XSS and more, learn how to identify and protect against potential threats through real-world examples and explanations.
- Insecure Password Reset – Token Exposed in Response
- Insecure Password Storage
- Server-side template injection (SSTI)
- Host Header Injection
- Unrestricted File Upload
- Java Deserialization
- Application-level Denial of Service (DoS)
- Cross-origin resource sharing (CORS) Misconfiguration
- DOM Cross-Site-Scripting (XSS)
- Stored Cross-Site-Scripting (XSS)
- Reflected Cross-Site-Scripting (XSS)
- SQL Injection
- XXE Injection
- Remote File Inclusion (RFI)
- Local File Inclusion
- Clickjacking
- Remote Code Execution (RCE)
- Insecure direct object references (IDOR)
- Secure Cookie not set
- Hardcoded Credentials
- Log Injection
- HSTS not Implemented
- Missing Content-Security-Policy Header
- Insufficient Account Lockout Policy
- Weak Password Policy
- Cross-Site Request Forgery (CSRF)
- Server-Side Request Forgery (SSRF)
- Session Fixation
- HttpOnly Flag not set
- Open Redirection