JSON web tokens are a type of access token widely used in commercial applications. They are based on the JSON format and include a token signature to ensure the integrity of the token. Today, we are going to talk about the security implications of using JSON web tokens (and signature-based tokens in general), and how they can be exploited by attackers to bypass access control.

Bharat Dwarkani shared on Mar 12, 2020
link.medium.com

Regex is everywhere on the Internet nowadays. Downing Servers With Evil Regular Expressions. But can regex also lead to vulnerabilities? Today, let’s explore how attackers can exploit poorly…

Bharat Dwarkani shared on Mar 12, 2020
link.medium.com

As a company grows, it becomes increasingly difficult to secure the hundreds and thousands of machines on the network. Often, all an attacker needs to compromise a network is a single bug on a public-facing machine! Today, we will talk about a common vulnerability on the network perimeter…

Bharat Dwarkani shared on Mar 12, 2020
link.medium.com

The loading time of a particular analytics report was ridiculously slow for a big Enterprise customer. Since I am part of the Data platform, a flag was immediately raised and I got involved in debugging the issue.

Bharat Dwarkani shared on Mar 11, 2020
medium.com

A list of GitHub repositories that will help you immensely with your knowledge and work-life as a programmer

Bharat Dwarkani shared on Mar 10, 2020
link.medium.com

Understanding the concept of server-driven UI for native mobile development

Bharat Dwarkani shared on Mar 10, 2020
link.medium.com

SOLID is the acronym that intends to join several principles about good design practices in software development. We have covered the first three letters of it and today it is the time for ISP. If you haven't read the previous articles

Bharat Dwarkani shared on Mar 10, 2020
link.medium.com

Angular Interceptor, HttpClient vs HttpBackend, Catch Error, Recall APIs, and Prevent XSRF attack.

Bharat Dwarkani shared on Mar 10, 2020
levelup.gitconnected.com

Cross Site Request Forgery (aka CSRF or XSRF) is one of the most common attacks, in which the user is tricked into executing an unwanted action through his browser, on his behalf, on one of the sites where he is currently authenticated. ASP.Net Core contains an Antiforgery package that can be used to secure your application against this particular risk. Those who have used earlier versions of ASP.Net will see that things have changed a bit in the new framework.

Bharat Dwarkani shared on Mar 05, 2020
dotnetcurry.com

Azure App Service allows you to specify both application settings and connection strings so that you don’t need to deploy your application again if you want to change some configuration settings. The documentation states that connection strings will be exposed as environment variables which will be prefixed based on which type of connection string you create

Bharat Dwarkani shared on Mar 05, 2020
mderriey.com