Tanishq Rupaal

Fundamentals of GraphQL Security

Introduction GraphQL is a query language for an API and not for a database, i.e., it is database agnostic. Clients can use GraphQL to request many types of data from multiple sources in the API,...

Fundamentals of Websockets and their Security

Test Methodology Capture, Discover or Analyze Use Burp to capture packets and search for connection upgrades. The proxy tab has a WebSockets History sub-tab for looking at the communication. ...

Minor TidBits

Windows Change DNS Script - PowerShell PowerShell.exe -NoProfile -WindowStyle Hidden -Command "& {Start-Process PowerShell.exe -WindowStyle Hidden -ArgumentList '-NoProfile -ExecutionPolicy By...

Introduction to Open Source Projects and CMake

Open Source Projects Anatomy of Open Source Projects A typical open source project has the following types of people → Author - The one who creates the project Owner - The one who has admin...

Introduction to Incident Response

BHIS IR Card game. The following sections are taken from a card game made by Black Hills Information Security (BHIS). Injects Management has approved the release of a new procedure → Once in ...

Threat Modeling

Threat Modeling Threat modeling is best applied continuously throughout a software development project. Following is a four question framework that helps understand threat modeling → What are we w...

Authentication and 2FA

Authentication Basic Authentication It is the simplest authentication mechanism which is part of the HTTP protocol. It is a challenge response scheme where the server challenges the client to pro...

Web Application Security Fundamentals

XSS (Cross Site Scripting) Cross site scripting is a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. It also allows the attackers to circumve...

Basics of Same Origin Policy (SOP)

The same-origin policy is a web browser security mechanism that aims to prevent websites from attacking each other. It causes the web browser to permit or restrict scripts contained in one web page...

Basics of Cross Origin Resource Sharing (CORS)

CORS is a browser mechanism which enables controlled access to resources located outside of a given domain. It extends and adds flexibility to SOP. However, it also provides potential for cross dom...