Sécurité

Learn some best practices for keeping your Node.js and JavaScript projects safe from code injection attacks.

Principles of web security. The fundamentals and state-of-the-art in web security. Attacks and countermeasures. Topics include: the browser security model, web app vulnerabilities, injection, denial-of-service, TLS attacks, privacy, fingerprinting, same-origin policy, cross site scripting, authentication, JavaScript security, emerging threats, defense-in-depth, and techniques for writing secure code. Course projects include writing security exploits, defending insecure web apps, and implementing emerging web standards.

Les recommandations de ce guide concernent la sécurité des contenus présentés par un navigateur web aux utilisateurs. Les sujets abordés se concentrent autour des standards du Web, dont les implémentations côté navigateur requièrent des paramètres à spécifier lors du développement et de l'intégration d'un site ou d'une application web, de façon à en garantir la sécurité.

Bien que les secrets tels que les clés API, les jetons OAuth, les certificats et les mots de passe soient extrêmement sensibles, il est fréquent qu'ils se retrouvent dans le code source présent dans des dépôts git. Pourquoi ce phénomène et comment l'éviter ?

The FBI confirmed this week that a relatively new ransomware group known as DarkSide is responsible for an attack that caused Colonial Pipeline to shut down 5,550 miles of pipe, stranding countless barrels of gasoline, diesel and jet fuel on…

This article lists the most important security headers you can use to protect your website. Use it to understand web-based security features, learn how to implement them on your website, and as a reference for when you need a reminder.

How do you feel about a taco explaining you how DNSSEC works?

🙀 A cat explains how HTTPS works...in a comic! 😻

An experiment that uses hardware security keys (like a YubiKey) to replace CAPTCHAs completely. The idea is rather simple: if a real human is sitting at their keyboard or uses their phone, they can touch their security key’s button or bring it near their phone to demonstrate that they are human.

Advice for system owners responsible for determining password policies and identity management within their organisations.

Le piratage de système informatique professionnel est un accès non autorisé à ce système par un tiers et peut entraîner une perte totale des informations.

We all know the importance of developing with customer, reliability, or security mindsets. In reality...

I’ve talked about ransomware and extortion attacks on organizations for about a decade. I recently spent a year at Microsoft in Threat…

A Computer Science portal for geeks. It contains well written, well thought and well explained computer science and programming articles, quizzes and practice/competitive programming/company interview Questions.

Raise employee cyber security awareness with user-tailored training and simulated phishing campaigns, powered through intelligent automation.

CVEdetails.com is a free CVE security vulnerability database/information source. You can view CVE vulnerability details, exploits, references, metasploit modules, full list of vulnerable products and cvss score reports and vulnerability trends over time

Find dns records in order to identify the Internet footprint of an organization. Recon that enables deeper security assessments and discovery of the attack surface.

Vous savez installer un serveur Linux et souhaitez renforcer ses services ? Suivez ce cours, apprenez à monter un serveur web et à gérer les services les plus courants !

Bases Hacking : apprendre la base de la sécurité informatique. Techniques de base, failles web, buffer overflows, pwn, shellcode, exploits

Pour créer une application de qualité, vous devez définir son modèle de sécurité ! Apprenez à appliquer les techniques de OWASP, une communauté qui fournit des outils inestimables pour réduire les risques de sécurité dans le développement web.

An online platform for learning and teaching cyber security, all through your browser.

Kontra is an Application Security Training platform built for modern development teams.

Quand le projet d'un pirate informatique est mis à mal grâce aux techniques de protection pour assurer la sécurité informatique.... Quelles sont les méthodes pour protéger les données informatiques ? Comment éviter les bugs dans un logiciel et donc les failles de sécurité ? Autant de...

Online study aids used by US soldiers contained detailed information about base security and the location of nuclear devices in Europe.

Find vulnerabilities in your code with fuzzing, a security testing technique generating a lot of attention today.