Two factor authentication is a security measure that adds an extra layer of protection to a user's account or system by requiring two forms of identification. Instead of relying solely on a...

Laravel is certainly almost everyone's favorite PHP framework and an excellent developer's companion. It attempts to relieve the pain that comes with development tasks such as sessions, auth...

By now you have an understanding of Stored XSS attack and Reflected XSS attack, and some measures to prevent it. Now we will look into the last type of XSS attack, DOM based XSS attack. In t...

In the last post I went through what is Cross-site scripting and Stored XSS attack, a type of cross-site scripting caused by stored javascript in database from user inputs. If you haven't re...

As frontend developers we are constantly adding and releasing new features or fixing bugs as per business requirements, and it's hard to keep vigilance on the security side of things. It has...

Companies are investing heavily in technologies to protect their users' data as part of policies. Hackers and other bad players will get more sophisticated in stealing information and infilt...

In a past article, I wrote about JWTs, how to generate one and how to use them for authorization. JSON Web Tokens, however, have one major drawback. Once it is generated and submitted to the...

Article originally posted o my personal website under How to securely store the password using a salt and pepper In a previous article I wrote how to securely store a password in the databas...

What is a DDoS Attack? DDoS stands for distributed denial of service but is often referred to as a simple denial of service. A DDoS attack consists of a website being flooded by requests dur...

The last couple of days I observed thousands of SSH Brute Force Attacks, so I decided I will just revisit my SSH Server configuration, and change my SSH port to something else for the interi...

While I'm learning a lot about encryption at the moment, I wanted to test out encryption with the PyCrypto module in Python using the Advanced Encryption Standard (AES) Symmetric Block Ciphe...

Original article with another example on my personal website Web technologies have evolved a lot in the past few years, both on the server-side as well as on the client’s side. There are man...

In this tutorial, I will demonstrate how to set up cross-account access for S3, from using two AWS Accounts. Scenario We will have 2 AWS Accounts: a Green AWS Account which will host the I...

Article originally posted on my website un How to securely store the password in the Database When I started LOGaritmical, one of the first functionalities that I implemented was registering...

Introduction Encryption is the process of encoding information so that it can not be understood or intercepted. Encryption has been used long ago before computers were invented; actually, th...