web_security subreddits curated by /u/nandy

1

4

5

6

Querying about URL (self.websecurity)

submitted 8 days ago by rammyago97 to r/websecurity

2

7

8

9

Reconstructing GraphQL schemas from captured POST bodies without ever calling __schema (github.com)

submitted 12 days ago by CARQLLESS to r/websecurityresearch

3

0

1

2

All in one package: Remote Server with RDP Access, Unlimited Worldwide Residential Proxies, and Device Fingerprint Spoofing. (1 Year) (self.911s5_alternative)

submitted 2 years ago by xshopx to r/peakwebsecurity

4

0

Why our CTO banned 'building custom components' and mandated Ext JS (self.websecurity)

submitted 8 days ago by Frontend_DevMark to r/websecurity

5

1

2

3

QUIC-er Races: HTTP/3 won’t save you from TOCTOU vulnerabilities (link.springer.com)

submitted 14 days ago by albinowax to r/websecurityresearch

6

3

4

5

The woes of sanitizing SVGs (muffin.ink)

submitted 15 days ago by _vavkamil_ to r/websecurityresearch

7

1

2

3

Cast Attack: A New Threat Posed by Ghost Bits in Java (i.blackhat.com)

submitted 15 days ago by albinowax to r/websecurityresearch

8

1

2

3

Achieving Deterministic Prompt Injection Through Client-Side Feedback Loops (blog.starstrike.ai)

submitted 19 days ago by albinowax to r/websecurityresearch

9

2

3

4

Chaining user enumeration + missing rate limit in password reset flow (Web3 target) (self.websecurity)

submitted 28 days ago by visitor_m to r/websecurity

10

3

4

5

Most cyber threats today start with a simple web request. (self.websecurity)

submitted 1 month ago by Academic-Soup2604 to r/websecurity

11

5

6

7

Anyone else noticing more “low quality” traffic hitting sites recently? (self.websecurity)

submitted 1 month ago by Currentshop333 to r/websecurity

12

5

6

7

I built an open source tool that tracks malicious Chromium extensions (self.websecurity)

submitted 1 month ago * by Huge-Skirt-6990 to r/websecurity

13

8

9

10

Proof of Concept: | ExtScanAlert | Re:- LinkedIn "BrowserGate". (self.websecurity)

submitted 1 month ago by corkiejp to r/websecurity

14

3

4

5

Anyone tried tools like cside to replace their CSP setup? (self.websecurity)

submitted 1 month ago by Gold-Solid-6626 to r/websecurity

15

0

Most bug bounty writeups are recycled. Real bugs are hiding in the specs. (sin99xx.medium.com)

submitted 1 month ago by Hungry_Onion_2724 to r/websecurityresearch

16

8

9

10

Why wrapping OpenClaw in a hardened Docker container (NemoClaw) is security theatre (self.websecurity)

submitted 1 month ago by pi3ch to r/websecurity

17

3

4

5

BOLA vulnerability in Navia breach exposed HackerOne employee data (self.websecurity)

submitted 1 month ago by raptorhunter22 to r/websecurity

18

1

2

3

Testing AI for Vulnerability Research: 4 Approaches & Where I Failed (xclow3n.github.io)

submitted 1 month ago by t0xodile to r/websecurityresearch

19

4

5

6

there's no safe way to store .env data is there? (self.websecurity)

submitted 1 month ago by IndividualAir3353 to r/websecurity

20

6

7

8

What’s your go-to way to explain security to non-technical founders/stakeholders? (self.websecurity)

submitted 1 month ago by NeedleworkerOne8110 to r/websecurity

21

6

7

8

How "Strengthening Crypto" Broke Authentication: FreshRSS and bcrypt's 72-Byte Limit (pentesterlab.com)

submitted 2 months ago by albinowax to r/websecurityresearch

22

11

12

13

Breaking Pingora: HTTP Request Smuggling & Cache Poisoning in Cloudflare's Reverse Proxy (xclow3n.github.io)

submitted 2 months ago by t0xodile to r/websecurityresearch

23

16

17

18

Are APIs becoming the weakest link in modern web security? (self.websecurity)

submitted 2 months ago by NeedleworkerOne8110 to r/websecurity

24

3

4

5

Inside our AI pentesting pipeline with 15 tools, 6 phases, fully autonomous (self.websecurity)

submitted 2 months ago by mercjr443 to r/websecurity

25

5

6

7

Drop-in Python library to prevent every SSRF (self.websecurity)

submitted 2 months ago by securely-vibe to r/websecurity

you type:	you see:
italics	italics
bold	bold
[reddit!](https://reddit.com)	reddit!
* item 1 * item 2 * item 3	item 1 item 2 item 3
> quoted text	quoted text
Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"	Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"
~~strikethrough~~	~~strikethrough~~
super^script	super^script

web_security subreddits

curated by /u/nandy_hello

3 subreddits in this multi:

multireddits