Tuesday, June 26, 2018

[Hone Your Ninja Skill] Data is Golden: Your Profile Data version 2

Limited knowing of latest browsers protection on cross domain access triggers developers to assume we're now completely safe and immune from hijacking attack.

http://honeyourskills.ninja/target/web/golden_data/?url=your-profilev2.php

Thursday, June 14, 2018

[Hone Your Ninja Skill] Data is Golden: Your Profile Data


We,pentesters, way too much focus on technical aspects of vulnerability. Advanced attackers are goal-driven and objective-based. They set goal and identify which attack vectors can bring them access to golden data that they're targeting. In this challenge series, you will do whatever you can to steal data in unauthorised or unintended way.

http://honeyourskills.ninja/target/web/golden_data/

secure configurations for Laravel - The PHP Framework

This framework is makes security simple to achieve.  Out of all non-default settings, the little following can be set to achieve higher secu...