An SQL injection (SQLi) attack occurs when an attacker manipulates a web application's client input data to inject malicious SQL code into database queries.| HAProxy Technologies
Offensive security tools for 2025: Metasploit, Nuclei, BloodHound & more. Uncover and remediate vulnerabilities before they’re exploited.| HackerTarget.com
How can we approach being consistent within a codebase while also continuing to evolve?| Kevin Murphy
XML External Entity (XXE) Processing on the main website for The OWASP Foundation. OWASP is a nonprofit foundation that works to improve the security of software.| owasp.org
A list of the most common WordPress vulnerabilities, along with examples and instructions on how to patch them.| Patchstack
Dave Peck's home on the web. Dave is an independent software developer, investor, and civic technologist.| davepeck.org
A deep look at zero-day exploits and whether it is possible to avoid being the victim of one.| open-appsec
So you’ve identified a risk — now what do you do about it? Here’s a simple framework to help frame discussions about risk mitigation. It’s intentionally very simple, a basic starting point. I’ll present a more complex framework later in this series, but I want to lay more of a foundation before I get there, so we’ll start here.| jacobian.org
Security testing starts with understanding vulnerabilities. The CVE website lists known software flaws. The OWASP Top Ten highlights common weaknesses. With this knowledge, we can improve our Go development. This article shows how to put in place robust practices. They are to: fuzz inputs, verify dependencies, and use static analysis tools (SAST).| Jakub Jarosz
Discover essential techniques for performing secure code reviews to identify and fix vulnerabilities, ensuring robust software security.| Spectral
PHP Object Injection on the main website for The OWASP Foundation. OWASP is a nonprofit foundation that works to improve the security of software.| owasp.org
Website with the collection of all the cheat sheets of the project.| cheatsheetseries.owasp.org
SQL Injection on the main website for The OWASP Foundation. OWASP is a nonprofit foundation that works to improve the security of software.| owasp.org
I don't care about avoiding GC or about maximum performance. I treat Rust as a high level language.| Adam Chalmers Programming Blog