榜单
服务器优惠
AI论文
-
Security
Security Bug Bounty programs Elearning Encryption Symmetric key Asymmetric key IEEE OC CyberSecurity SIG Techniques SSH Pivoting SSH lateral attack Tools commands ACM Cy... -
Introduction
Introduction SSL vs TLS Server Configuration Only Support Strong Protocols Only Support Strong Ciphers Use Strong Diffie-Hellman Parameters Disable Compression Patch Cryptogr... -
Rancher Security Best Practices
Rancher Security Best Practices Restrict Public Access to /version and /rancherversion Path Session Management Rancher Security Best Practices Restrict Public Access to /vers... -
DRAFT CHEAT SHEET - WORK IN PROGRESS
permalink: /Secure_SDLC_Cheat_Sheet/ DRAFT CHEAT SHEET - WORK IN PROGRESS Background How to Apply Final Notes title: Secure SDLC Cheat Sheet permalink: /Secure_SDLC_Cheat... -
Introduction
Introduction Primary Defenses Defense Option 1: Prepared Statements (with Parameterized Queries) Defense Option 2: Stored Procedures Defense Option 3: Whitelist Input Validation... -
SQL Injection Prevention
Introduction Primary Defenses Defense Option 1: Prepared Statements (with Parameterized Queries) Defense Option 2: Stored Procedures Defense Option 3: Whitelist Input Validation... -
Custom Validations
Custom Validations Custom Validations 验证包 允许你调用 verifying 方法来创建专门的约束。Play 还提供了用 Constraint 样本类的方法来自定义约束。 这里,我们会实现一个简单的密码强度约束,通过正则表达式来验证密码不是由全字母或是全数字组成。Constraint 接受一个返回 Va... -
Abuse Case
Introduction Objective Context & approach Why clearly identify the attacks? Notion of Abuse Case How to define the list of Abuse Cases? When to define the list of Abuse Cases?... -
5.1 防止frame劫持和点击劫持
防止frame劫持和点击劫持 详细描述 建议 参考 CWE/OWASP 防止frame劫持和点击劫持 详细描述 Frame劫持涉及在iFrame中传送Web / WAP站点。 这种攻击可以使“包装”站点执行点击劫持攻击。 点击劫持是一个非常真实的威胁,已被利用高信息服务(例如Facebook)窃取信息或重定向用户到攻击者控制的网站。 F... -
Introduction
Introduction Objective Context & approach Why clearly identify the attacks? Notion of Abuse Case How to define the list of Abuse Cases? When to define the list of Abuse Cases?...