Step-by-step hacking of web applications vulnerable to SQL injection, including remote code execution, authorisation bypass and data exfiltration attacks.
When developing an application, the integrity of infrastructure and data is paramount. As part of the development process, all developers should be (at the very least) aware of the OWASP Top 10 and code defensively against the items included. It's also extremely important to ensure an application is penetration tested before and after deployment to a production environment, ideally by means of a solution integrated into CI/CD. This post covers, at a high level, some of the steps you as a developer should take to ensure your application is as secure as possible.
When a simple mistake, such as forgetting to set security correctly on your data, can lead to millions of pounds' worth of fines and damage to the reputation you have carefully built up, it makes sense to choose your cloud provider carefully. This post is an overview of the big 3 providers (Amazon, Microsoft, Google) and how they stack up security feature-wise.
A short introduction to test-driven development in Blazor using the bUnit TDD library, focusing on dependency injection, faking authorisation and interacting with page components.