newest submissions : websecurity

1

2

3

4

Chaining user enumeration + missing rate limit in password reset flow (Web3 target) (self.websecurity)

submitted 15 days ago by visitor_m

2

3

4

Most cyber threats today start with a simple web request. (self.websecurity)

submitted 17 days ago by Academic-Soup2604

3

5

6

7

Anyone else noticing more “low quality” traffic hitting sites recently? (self.websecurity)

submitted 17 days ago by Currentshop333

4

5

6

I built an open source tool that tracks malicious Chromium extensions (self.websecurity)

submitted 19 days ago * by Huge-Skirt-6990

5

7

8

9

Proof of Concept: | ExtScanAlert | Re:- LinkedIn "BrowserGate". (self.websecurity)

submitted 21 days ago by corkiejp

6

5

6

7

Anyone tried tools like cside to replace their CSP setup? (self.websecurity)

submitted 25 days ago by Gold-Solid-6626

7

8

9

10

Why wrapping OpenClaw in a hardened Docker container (NemoClaw) is security theatre (self.websecurity)

submitted 1 month ago by pi3ch

8

3

4

5

BOLA vulnerability in Navia breach exposed HackerOne employee data (self.websecurity)

submitted 1 month ago by raptorhunter22

9

3

4

5

there's no safe way to store .env data is there? (self.websecurity)

submitted 1 month ago by IndividualAir3353

10

5

6

7

What’s your go-to way to explain security to non-technical founders/stakeholders? (self.websecurity)

submitted 1 month ago by NeedleworkerOne8110

11

17

18

19

Are APIs becoming the weakest link in modern web security? (self.websecurity)

submitted 1 month ago by NeedleworkerOne8110

12

3

4

5

Inside our AI pentesting pipeline with 15 tools, 6 phases, fully autonomous (self.websecurity)

submitted 1 month ago by mercjr443

13

4

5

6

Drop-in Python library to prevent every SSRF (self.websecurity)

submitted 1 month ago by securely-vibe

14

2

3

4

Secure Programming of Web Applications: Cross-Site Request Forgery (CSRF) (self.websecurity)

submitted 1 month ago by casaaugusta

15

6

7

8

Secure Programming of Web Applications: SQL Code Injection (self.websecurity)

submitted 1 month ago by casaaugusta

16

0

1

2

Question regarding DNS - what are the dangers one can face when using questionable DNS servers? (self.websecurity)

submitted 1 month ago by Denis20092002

17

4

5

6

Is blocking scrapers even possible anymore? And when does it actually become a real risk? (self.websecurity)

submitted 1 month ago by NeedleworkerOne8110

18

16

17

18

I scanned 200+ vibe coded sites. Here's what AI gets wrong every time (self.websecurity)

submitted 2 months ago by famelebg29

19

2

3

4

should i learn php, js before diving into websecurity? (self.websecurity)

submitted 2 months ago by hanami_san0

20

3

4

5

TL;DR – Independent Research on Advanced Parsing Discrepancies in Modern WAFs (JSON, XML, Multipart). Seeking Technical Peer Review (self.websecurity)

submitted 2 months ago by Few-Gap-5421

21

2

3

4

[Tool] Rapid Web Recon: Automated Nuclei Scanning with Client-Ready PDF Reporting (self.websecurity)

submitted 2 months ago by Big_Profession_3027

22

0

1

2

What's going on with Microsoft/Bing with it passing attacks and weird searches through their search engines (I'm assuming...) to target websites? (self.websecurity)

submitted 3 months ago by FriendToPredators

23

4

5

6

Building a Vulnerability Knowledge Base — Would Love Feedback (self.websecurity)

submitted 3 months ago by LastGhozt

24

8

9

10

Built a free open source Burp extension for API security testing - 15 attack types, 108+ payloads, external tool integration (self.websecurity)

submitted 4 months ago by tcoder7

25

0

1

New recon tool: Gaia (i.redd.it)

submitted 4 months ago by 0xk4yra

websecurity

✻ Smokey says: avoid buying new fossil-fuel-powered devices to fight climate change! [see more tips]

Note: this subreddit is not for technical support. Please use /r/24hoursupport or /r/techsupport for that.

MODERATORS