Strong API security starts at the design stage, so that authentication, authorization and data privacy requirements get full consideration and attack surfaces are minimized. Threat modeling ensures all attack surfaces are understood before implementation.
2FA is a security process in which users provide two different authentication factors to verify themselves. 2FA is implemented to better protect both a user’s credentials and the resources the user can access.
Feb 18, 2022 • 12 tweets • 2 min read
10 different techniques to Find and Bypass Open Redirect Vulnerabilities in Web Applications.
Rate limiting is the process of limiting the number of requests a user can make to a web server in a span of time. This can be achieved by implementing IP-based or session-based rate limits on the web server.
Bypasses 👇
Dec 5, 2021 • 8 tweets • 2 min read
How to Look for "Insecure CORS Configuration" vulnerabilities.
An insecure CORS configuration allows any website to trigger requests with user credentials to the target application and read the responses, thus enabling attackers to perform privileged actions or to retrieve potentially sensitive information.
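
The configuration weakness described above, shown next to a corrected form and a header audit a defender can run over captured responses. This is an added example, not code from the original thread; the origins, the allowlist and all function names are constructed for illustration. It also covers the `null` origin and wildcard cases, which go beyond the single case in the text.

```javascript
// Hypothetical allowlist of origins the application really trusts.
const ALLOWED_ORIGINS = new Set(["https://app.example.com"]);

// Weak setting: echoes back any Origin and allows credentials, so every
// website can read authenticated responses.
function corsHeadersReflecting(origin) {
  return {
    "Access-Control-Allow-Origin": origin,
    "Access-Control-Allow-Credentials": "true",
  };
}

// Corrected setting: exact-match allowlist; other origins get no CORS grant.
// Vary: Origin keeps caches from serving one origin's grant to another.
function corsHeadersAllowlist(origin, allowed = ALLOWED_ORIGINS) {
  if (!origin || !allowed.has(origin)) return { Vary: "Origin" };
  return {
    "Access-Control-Allow-Origin": origin,
    "Access-Control-Allow-Credentials": "true",
    Vary: "Origin",
  };
}

// Audit: given the Origin a test request carried and the response headers,
// return the list of risky conditions found (empty list means none).
function auditCors(sentOrigin, headers, trusted = ALLOWED_ORIGINS) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = String(v).trim();
  const acao = h["access-control-allow-origin"];
  const creds = (h["access-control-allow-credentials"] || "").toLowerCase() === "true";
  const findings = [];
  if (!acao) return findings; // no cross-origin read access granted
  // Browsers refuse "*" on credentialed requests, but it signals a careless policy.
  if (acao === "*" && creds) findings.push("wildcard-with-credentials");
  if (acao === "null" && creds) findings.push("null-origin-with-credentials");
  if (creds && acao === sentOrigin && !trusted.has(sentOrigin)) {
    findings.push("untrusted-origin-reflected-with-credentials");
  }
  if (acao !== "*" && !/(^|,)\s*origin\s*(,|$)/i.test(h["vary"] || "")) {
    findings.push("missing-vary-origin");
  }
  return findings;
}
```
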