Ruby on Rails SQL Sanitization
OData Injection
OData (Open Data Protocol), according to Microsoft, is an ISO/IEC-approved OASIS standard that defines a set of best practices for building and consuming REST APIs. OData is intended to simplify the querying and sharing of data across different systems by providing a uniform way to structure and interact with the data.
Introduction At times, SQLMap might mistakenly assess a parameter as secure due to various factors, despite evidence from manual testing indicating otherwise.
ServiceNow Insecure Access Control leading to Administrator Account Takeover - CVE-2022-43684
Introduction Secure Code Review is an integral part of the software development life cycle, and is also a crucial part of white-box penetration testing. Numerous methods exist for scanning source code for security vulnerabilities, from using tools like Graudit or Semgrep to detect known vulnerability signatures, to leveraging SonarQube or Snyk for taint analysis and dependency checks, or employing semantic analysis tools such as CodeQL. Each approach offers its unique advantages.
Personal Security Blog for qwutony
A simple AI Code Scanner built with Python for research purposes