Security Cipher
Secure Code Explain

Explore the world of web security on my blog with in-depth analysis of different types of vulnerabilities and their corresponding secure code solutions. From SQL injection to XSS and more, learn how to identify and protect against potential threats through real-world examples and explanations.

  • Insecure Password Reset – Token Exposed in Response
  • Insecure Password Storage
  • Server-side template injection (SSTI)
  • Host Header Injection
  • Unrestricted File Upload
  • Java Deserialization
  • Application-level Denial of Service (DoS)
  • Cross-origin resource sharing (CORS) Misconfiguration
  • DOM Cross-Site-Scripting (XSS)
  • Stored Cross-Site-Scripting (XSS)
  • Reflected Cross-Site-Scripting (XSS)
  • SQL Injection
  • XXE Injection
  • Remote File Inclusion (RFI)
  • Local File Inclusion
  • Clickjacking
  • Remote Code Execution (RCE)
  • Insecure direct object references (IDOR)
  • Secure Cookie not set
  • Hardcoded Credentials
  • Log Injection
  • HSTS not Implemented
  • Missing Content-Security-Policy Header
  • Insufficient Account Lockout Policy
  • Weak Password Policy
  • Cross-Site Request Forgery (CSRF)
  • Server-Side Request Forgery (SSRF)
  • Session Fixation
  • HttpOnly Flag not set
  • Open Redirection
©2023. Security Cipher. All Rights Reserved.