Server-side request forgery turns a harmless-looking URL input into a way to read a cloud instance's own credentials. Here is how the metadata endpoint becomes the prize, and why IMDSv2 changed the game.
A single string written into a log file could run attacker code on millions of servers. Here is how Log4Shell (CVE-2021-44228) worked, why it spread so far, and what it taught the industry about dependencies.
By adding ../ to a file path, an attacker can climb out of the intended directory and read files the application never meant to expose. Here is how path traversal works and how to block it.
CSRF tricks a logged-in user's browser into sending a real, authenticated request they never intended. Here is how it abuses the way browsers handle cookies, and how to shut it down.
If an application builds a system command out of user input, an attacker can smuggle in their own commands. Here is how OS command injection works and how to design it out.
XSS lets an attacker run JavaScript in another user's browser session, in the context of a site they trust. Here are the three types, what they enable, and how to stop them.
SQL injection turns a login box or search field into a way to read, change, or destroy a database. Here is how it works, the flavours it takes, and the one fix that actually stops it.
A plain-English walk-through of what happens when you load an HTTPS site: the TLS handshake, how certificates prove identity, and why the padlock does not mean a site is safe.
Turning saved data back into live objects sounds harmless. When the data comes from an attacker, it can lead to remote code execution. Here is how insecure deserialization works and how to avoid it.
XML has a feature that lets a document pull in outside content. Point it at a local file or an internal server and a helpful parser becomes a data leak. Here is how XML External Entity attacks work.