Sécurité

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `} - anouarbensaad/vulnx

A proposed standard which allows websites to define security policies.

This is a collection of legal wording and documentation used for physical security assessments. The goal is to hopefully allow this as a template for other companies to use and to protect themselve...

Computer Security News, Advice and Research

Serving the Technologist for more than a decade. IT news, reviews, and analysis.

Threatpost, is an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.

ZDNet's breaking news, analysis, and research keeps business technology professionals in touch with the latest IT trends, issues and events.

BleepingComputer.com is a premier destination for computer users of all skill levels to learn how to use and receive support for their computer.

~this week in security~ Email Forms

SQL Injection (SQLi) refers to an injection attack wherein an attacker can execute malicious SQL statements that control a web application’s database server.

Snyk helps you use open source and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and much more.

The way we consume **open source software (OSS) dramatically changed** over the past decade or two. Flash back to the early 2000s, we mostly used large OSS projects from a small number of providers, such as Apache, MySQL, Linux and OpenSSL. These projects came from well-known software shops that maintained good development and quality practices. It wasn’t our code, but it felt trustworthy, and it was safe to assume it didn’t hold more bugs than our own code. Fast-forward to today and OSS has turned into crowd-sourced marketplaces. Node’s npm carries over 210,000 packages from over 60,000 co...

Quickly and easily assess the security of your HTTP response headers

Welcome to the Web Security Academy. This is a free learning resource on web security provided by PortSwigger. Free web security training The Web Security ...

Whether you're new to security or a veteran, you need to stay up to date on threats. Learn what ATO attacks are and what the most common types look like.

finds publicly known security vulnerabilities in a website's frontend JavaScript libraries - lirantal/is-website-vulnerable

Examples of some features and the vulnerabilities that can exploit any webpage if target="_blank" is used without rel="noopener" - apal21/target-blank-vulnerabilities-features

Top 100 Hacking & Security E-Books (Free Download) - yeahhub/Hacking-Security-Ebooks

The CEO Cybersecurity Challenge (#ceocybersecuritychallenge) is designed to get any organisation to root of their security problems; their people.

A tout moment, de nombreux concurrents ou individus mal intentionnés aimeraient mettre la main sur les données de votre entreprise. Etes-vous prêts à faire les bons choix ? Avez-vous évaluer le budget dont vous aurez besoin pour mettre en place une politique de sécurité ? Votre compagnie est-elle parée contre toute cyberattaque éventuelle ?

Have I Been Pwned allows you to search across multiple data breaches to see if your email address has been compromised.

There are myriad theories as to why software remains insecure after we've spend decades trying to solve the problem. Common reasons include: Get the Audio

Demonstration of Cross Site Request Forgery(CSRF) with a simple todo app.

The best hacker's gadgets for Red Team pentesters and security researchers. - yadox666/The-Hackers-Hardware-Toolkit