Web Security Blog

SQL injection prevention cheat sheet

Mon, 12 May 2025

This SQL injection prevention cheat sheet provides developers with actionable strategies to protect web applications from one of the most critical security risks. It explains attack types, showcases safe coding patterns, and emphasizes testing and monitoring for robust protection.

Read more

Why Framework Choice Matters in Web Application Security

Thu, 10 Jan 2019

Using Session Puzzling to Bypass Two-Factor Authentication

Tue, 08 Jan 2019

Clickjacking Attack on Facebook: How a Tiny Attribute Can Save the Corporation

Fri, 04 Jan 2019

Discovering and hacking IoT devices using web-based attacks

Thu, 03 Jan 2019

The Importance of the Content-Type Header in HTTP Requests

Mon, 24 Dec 2018

Sven Morgenroth Talks About PHP Object Injection Vulnerabilities on Paul’s Security Weekly Podcast

Thu, 20 Dec 2018

End of Support for PHP 5 and PHP 7.0

Tue, 18 Dec 2018

Tabnabbing Protection Bypass

Thu, 06 Dec 2018

Bypassing disabled system functions

Tue, 04 Dec 2018

Fragmented SQL Injection Attacks – The Solution

Thu, 29 Nov 2018

Exposing the Public IPs of Tor Services Through SSL Certificates

Tue, 27 Nov 2018

Web Browser Address Bar Spoofing

Tue, 20 Nov 2018