3 articles
CSRF (Cross-Site Request Forgery) forces authenticated users to unknowingly submit requests to a site they're logged into. Learn how it works, how to find it, and how to fix it.
IDOR (Insecure Direct Object Reference) is one of the most common and most impactful web vulnerabilities. Learn how it works, how to find it, and how to fix it.
A practical guide to mobile application penetration testing on Android and iOS — static analysis, dynamic analysis, traffic interception, and the most common vulnerabilities found in real engagements.