Application Programming Interfaces (APIs) are at the heart of modern applications, enabling functionality, communication and acting as a bridge between different software components. A common issue that’s found though is Broken Function Level Authorization (BFLA), and...
What is the best note-taking application for pentesters? It’s a hot debate, and if you prefer to watch than read then we recently compared many of the popular options in this video. Otherwise, let’s take a look at what each app has on offer to help you decide what’s...
In the realm of secure authentication, two key elements often come to the fore: ID tokens and access tokens. Though these elements might seem similar, understanding their differences, common pitfalls, and best practices is crucial in ensuring the security of your...
Pentesting is inherently time-consuming. This constraint alone has led to the rise of scanners as well as the exclusion of regular pentesting in many modern development lifecycles. Whilst we can’t automate and deliver everything at lightspeed, there are things we can...
Clickjacking, also known as UI Redressing, is a technique that tricks users into clicking on unintended elements on a website. By using hidden elements, attackers deceive users into performing actions that they did not intend to carry out. How Does Clickjacking...
