The article explains HTTP’s plaintext nature and its susceptibility to man‑in‑the‑middle attacks, then details how HTTPS (TLS) uses asymmetric key exchange, certificates, and a trusted CA hierarchy to establish encrypted communication and prevent such attacks.
The article walks through six real penetration‑testing scenarios, dissecting common encryption and authentication mechanisms in mini‑programs and web applications, demonstrating how to reverse‑engineer, debug, and script the bypass of Hawk signatures, MD5 timestamps, RSA and AES encryptions to achieve unauthorized data access and account takeover.
HTTPS secures web communication by replacing plaintext HTTP with TLS encryption, using asymmetric key exchange to protect symmetric keys, and relying on a hierarchical CA certificate chain to verify server identities, thereby preventing man‑in‑the‑middle attacks that exploit HTTP’s unencrypted traffic.
To protect API traffic from scraping, tampering, replay attacks, and ensure data integrity, this guide outlines a hybrid encryption scheme that combines symmetric AES, asymmetric RSA, hash‑based signatures, and HTTPS principles, detailing design, implementation steps, common issues, and security analysis.
This article walks through the end‑to‑end automation of a company’s daily dashboard report, covering reverse‑engineered login, API data extraction, image generation with canvas, OSS upload, and scheduled DingTalk webhook delivery, all implemented in Node.js.
This article provides a comprehensive guide to Go cryptography, covering fundamental concepts, common mistakes like using math/rand for keys or RSA v1.5 padding, correct implementations with crypto/rand, AES‑GCM, RSA‑OAEP/PSS, password‑derived keys, performance benchmarks, and practical testing strategies.
This guide explains how to implement symmetric (AES‑CBC, AES‑GCM) and asymmetric (RSA) encryption as well as hashing in Go, providing clear explanations and complete, runnable code samples for each technique.
This article presents concise Python examples for a wide range of encryption and encoding methods—including MD5, SHA‑256, Base64, AES, RSA, HMAC‑SHA256, Fernet, PBKDF2, Blowfish, and XOR—explaining their usage scenarios and highlighting the importance of selecting appropriate cryptographic techniques for security.
This article walks through a complete solution for protecting data in Spring Boot applications, covering symmetric, asymmetric, and hybrid encryption schemes, utility classes for AES and RSA, a custom HttpServletRequestWrapper to enable multiple reads of the request body, a filter that transparently decrypts incoming parameters, and an AOP‑based response‑encryption mechanism triggered by a custom annotation.
This article explains the fundamentals of symmetric encryption, presents Python examples for AES and DES using the pycryptodome library, demonstrates how to encrypt API request data, and outlines key management and performance considerations for secure API automation testing.
This article explains symmetric and asymmetric encryption principles, digital signatures, HTTPS with certificate authorities, and demonstrates how to implement combined encryption, digital signing, and URL protection using Spring Cloud Gateway filters and Java code examples.
This tutorial walks readers through building a Python‑based file encrypter using the Pycryptodome library, covering AES‑CBC encryption, PBKDF2 key derivation, functions for encrypting and decrypting files, environment setup on Windows, macOS and Linux, and a simple driver script for testing.
This article demonstrates a practical approach to protect sensitive Spring Boot applications by encrypting the JAR with AES, storing the key in a secure vault, and using a custom ClassLoader to decrypt and load classes at runtime, while highlighting key management, performance, and additional hardening considerations.
This article walks through the design and implementation of symmetric AES encryption for both GET and POST API endpoints in a Spring Boot application, covering requirement analysis, data model definition, custom RequestBodyAdvice and ResponseBodyAdvice, serialization challenges with FastJSON vs Jackson, and final configuration to ensure consistent JSON output across encrypted and non‑encrypted responses.
This article explains how to protect front‑end and back‑end communication in a Spring Boot application by encrypting request and response data using a hybrid AES and RSA scheme, custom request wrappers, filters, and AOP‑based response encryption, complete with code examples and implementation details.
This article explains a real‑world incident where insecure API parameters led to leaderboard manipulation, then details how to securely combine RSA asymmetric encryption with AES symmetric encryption, covering key concepts, padding modes, implementation steps, and server‑side decryption using Java.
This article introduces several widely used PHP encryption algorithms—including MD5, SHA family, AES, RSA, and Base64 encoding—explaining their functions, security considerations, and PHP functions for implementation, while also mentioning additional algorithms like DES, RC4, and Blowfish for specific use cases.
This article describes a real‑world API security incident, explains the fundamentals of asymmetric RSA and symmetric AES encryption, and provides a complete Java implementation—including a hybrid encryption strategy, custom @RequestRSA annotation, Spring AOP decryption aspect, and utility classes—to securely transmit and automatically decrypt request parameters.
The article recounts a real‑world incident where a game’s leaderboard showed absurd scores due to insecure API parameters, then explains RSA and AES fundamentals, demonstrates how to combine asymmetric and symmetric encryption for secure request handling, and provides Java code, custom annotations, and AOP logic to automate decryption on the server side.
This guide explains the fundamentals of AES symmetric encryption, compares Java and PHP implementations, highlights their shared features and differences, provides complete code samples for encryption and decryption, and offers practical advice on key management, IV usage, and performance considerations.
This article explains how to build a reusable Spring Boot starter that automatically encrypts response data and decrypts request payloads using Hutool-Crypto's AES utilities, covering request stream handling, validation, custom starter configuration, and example code for controllers and entities.
This article provides Python implementations and usage examples for a range of encryption and decryption techniques—including AES, RSA, Caesar cipher, Base64, SHA‑256/HMAC, Blowfish, DES, ChaCha20‑Poly1305, and XOR—along with notes on required libraries and security considerations.
This guide explains how to protect API data exchange by implementing HTTPS, JWT, rate limiting, MAC, and symmetric encryption (AES/DES) in a Spring Boot backend, while using Vue and Axios on the frontend, including custom annotations, request/response advice, and crypto‑js utilities for end‑to‑end encryption.
This article explains the basic concepts of encryption, distinguishes between symmetric and asymmetric methods, describes how public and private keys work, and compares common algorithms such as AES and RSA, highlighting their security properties, performance trade‑offs, and typical use cases.
This article compiles a series of practical SpringBoot implementations—including AES encryption with Vue, a Netty‑based TCP client that parses hex data into MySQL, multiple Redis integration patterns, strategy‑factory designs, custom annotations for rate limiting, global exception handling, and scheduled tasks—each linked to detailed examples.
This article explains why PHP7 deprecates the mcrypt extension in favor of OpenSSL, compares DES, 3DES, and AES algorithms, clarifies key length choices, outlines common encryption modes, and provides practical PHP code for encrypting and decrypting data with OpenSSL.
This article walks through a complete Spring Boot solution for encrypting and decrypting API requests and responses, covering requirement analysis, data models, custom ControllerAdvice implementations, serialization challenges, and practical code examples using AES and Jackson.
This article reviews why reversible encryption is needed for certain sensitive fields, classifies three categories of fuzzy‑search‑on‑encrypted‑data techniques—naïve, conventional, and advanced—and evaluates their implementation steps, performance trade‑offs, and practical recommendations.
This article explains MySQL's native data encryption capabilities, detailing the AES_ENCRYPT/AES_DECRYPT functions, their parameters, storage considerations, example usage, and best‑practice recommendations for secure and efficient encryption of sensitive fields.
This article presents a step‑by‑step guide on securing Spring MVC interfaces by encrypting and decrypting both GET and POST requests using symmetric AES, custom ControllerAdvice components, and Jackson configuration to ensure consistent JSON serialization across mobile, H5, and backend services.
This article demonstrates how to secure GET and POST API endpoints in a Spring MVC application by encrypting request bodies and responses with AES, using custom ControllerAdvice classes, handling serialization issues with FastJSON and Jackson, and configuring ObjectMapper for proper date and enum formatting.
This article walks through implementing symmetric request and response encryption for Spring Boot APIs—covering requirements, data models, controller examples, debugging serialization issues, and using ControllerAdvice with Jackson to ensure encrypted payloads remain compatible across Android, iOS, and H5 clients.
This article explains symmetric encryption concepts, lists common algorithms, and demonstrates how to use PHP's mcrypt extension to perform DES and AES encryption and decryption in various modes with complete code examples.
This article introduces common encryption algorithms—symmetric, asymmetric, and hash—explains where encryption is needed in a user management module, and details implementation steps using RSA and AES128, while also warning about man‑in‑the‑middle attacks and recommending best practices.
This guide explains how Nacos 2.1.0 introduces built‑in configuration encryption, how to add encryption plugins on the server, and how to mark configuration entries with a special prefix so that they are automatically stored and transmitted as ciphertext.
This article demonstrates how to protect sensitive user data such as phone numbers in a MySQL database by creating a custom MyBatis TypeHandler that automatically encrypts values on insert and decrypts them on query using AES encryption from the Hutool library.
This article introduces common encryption methods—including Base64, MD5, SHA‑1, HMAC, DES, AES, and RSA—explains their principles, and provides complete Python code examples for encoding, decoding, and key handling, enabling readers to implement secure data transformations in their own projects.
This article explains the background, challenges, and technical solutions for protecting video content using HLS encryption, DRM standards, key protection, and token-based authentication, highlighting the limitations of simple encryption and proposing a multi-layered approach for secure streaming across platforms.
This article explains how to use Apache ShardingSphere's data desensitization module with Spring and Spring Boot to transparently encrypt sensitive fields such as ID numbers and bank cards, covering pain points, configuration steps, code examples, and datasource integration for compliance‑driven applications.
This article explains the security risks of early Internet protocols, the evolution of SSL/TLS and DTLS, fundamental cryptographic concepts such as symmetric and asymmetric encryption, hashing, MACs, digital signatures, AES modes and padding, and how these technologies are applied in TLS handshakes, DTLS, and WebRTC.
This article explains why encrypting sensitive customer data in databases is essential, outlines common pain points, and demonstrates how Apache ShardingSphere’s data‑desensitization module can be quickly configured in Spring (XML and Boot) to provide transparent AES encryption and decryption without altering business code.
This article introduces common encryption algorithms—including symmetric, asymmetric, and digital signature methods—and provides detailed Go code examples for MD5, HMAC, SHA1, AES (with various modes), and RSA, helping developers understand and implement secure cryptographic operations in Go.
This article explains fundamental cryptography concepts, traces the evolution from ancient substitution ciphers to modern symmetric and asymmetric algorithms, and provides complete Java code examples for DES, AES, RSA, digital signatures, and hash functions such as MD5 and SHA.
This article explains the high‑security encryption mechanisms used in Alipay payments, covering the payment flow, the role of digital signatures, RSA key pairs for signing and verification, and how AES symmetric encryption protects data during transmission.
This article introduces Java developers to the Bouncy Castle library, detailing how to integrate it via Maven, demonstrating MD5 hashing and AES encryption/decryption code, and highlighting usage considerations and export compliance risks associated with cryptographic algorithms.
In the era of big data and GDPR, front‑end developers must protect personal information beyond HTTPS by using a hybrid AES‑RSA encryption scheme, and this article explains the threats, compares symmetric, asymmetric and hash algorithms, and provides full client‑side and Node.js server implementations with code examples.
This article explains how to protect payment platform data by using symmetric (DES, 3DES, AES) and asymmetric (RSA) encryption, key‑storage strategies, TLS transport security, and anti‑tampering signatures, with complete Java code examples for Android.
This article introduces symmetric encryption algorithms such as DES, 3DES, and AES, explains their principles, advantages and drawbacks, and provides complete .NET Core sample code using the BouncyCastle library for encryption and decryption with various padding modes.
This article demonstrates how to replace the deprecated mcrypt functions in PHP with OpenSSL by providing a compact Aes class that handles AES‑128‑CBC encryption and decryption, including configuration of key, IV, and method, and shows practical usage examples.
This article provides a step‑by‑step technical guide to the AES encryption and decryption algorithm, covering state matrix construction, key expansion, round operations, final round differences, and practical Node.js code examples for handling padding and common implementation pitfalls.
This article compares two common approaches for encrypting user passwords in MySQL—using the built‑in AES_ENCRYPT/AES_DECRYPT functions and implementing encryption in the application layer—detailing their advantages, drawbacks, and providing concrete code examples for each method.
This article explains how to integrate the rsa-encrypt-body-spring-boot starter into a Spring Boot project to uniformly encrypt request parameters and response bodies using RSA and AES, providing step‑by‑step configuration, code examples, and practical encryption tips.
This article explains why API security is crucial in front‑end/back‑end separated systems and provides practical measures—including HTTPS, request signing, SSL pinning, and full request/response AES encryption—along with a Spring Boot starter and JavaScript Axios interceptor to protect data in transit.
An Android SDK project's shift from HTTPS to RSA‑encrypted HTTP prompts a deep dive into AES encryption, tracing its historical roots from early ciphers through DES and Triple‑DES, culminating in the Rijndael design, while illustrating core cryptographic concepts of confusion, diffusion, and secret keys.
