Tagged articles
28 articles
Architect's Guide
Jul 20, 2025 · Information Security

Unlocking API Security: 10 Common Vulnerabilities Every Tester Must Know

This article explains the most frequent API security flaws—including information disclosure, broken object and function level authorizations, excessive data exposure, rate‑limiting gaps, mass‑assignment, misconfigurations, asset‑management errors, and business‑logic bugs—while providing practical examples, detection techniques, and code snippets for each vulnerability.

API Security · BFLA · BOLA
0 likes · 16 min read
php Courses
Jul 1, 2024 · Information Security

PHP Security Best Practices: Protecting Applications from Common Vulnerabilities

This article explains why PHP security is critical and outlines five common PHP vulnerabilities—SQL injection, XSS, CSRF, remote code execution, and file inclusion—along with comprehensive best‑practice recommendations such as input validation, secure password storage, session management, error handling, and continuous learning.

best practices · input validation · vulnerabilities
0 likes · 18 min read
AntTech
Aug 31, 2023 · Information Security

In-Depth Analysis of Apple UserFS Architecture, Control Flow, and Vulnerabilities

This article provides a comprehensive examination of Apple’s UserFS, detailing its architecture, mounting and file‑access control flows, exposing three real vulnerabilities (CVE‑2022‑42861, CVE‑2022‑42842, a kernel UAF) and discussing how UserFS reshapes the iOS file‑system security model.

Apple · CVE · UserFS
0 likes · 14 min read
Liangxu Linux
Jul 30, 2023 · Information Security

Top 12 Common API Vulnerabilities Every Tester Should Know

Understanding the most frequent API weaknesses—from information disclosure and broken object-level authorization to injection, misconfiguration, and business logic flaws—helps security testers identify, exploit, and report issues such as over‑exposed data, missing rate limits, and improper authentication across modern web services.

API Security · BOLA · business logic
0 likes · 17 min read
MaGe Linux Operations
Jul 15, 2023 · Information Security

Top API Vulnerabilities Every Tester Should Know

This article surveys the most common API security flaws—including information disclosure, broken object‑level and function‑level authorization, over‑exposure of data, missing rate limits, mass‑assignment, misconfigurations, injection attacks, improper asset management, and business‑logic bugs—providing examples, code snippets, and practical testing tips for security professionals.

API Security · Authentication · BOLA
0 likes · 17 min read
Architect
Apr 30, 2023 · Information Security

Common API Vulnerabilities and How to Detect Them

This article explains the most frequent API security weaknesses—including information disclosure, broken object‑level and function‑level authorization, authentication bypass, over‑exposure of data, missing rate limits, mass‑assignment, misconfiguration, injection, asset mismanagement, and business‑logic flaws—providing detection techniques and illustrative code examples.

Authentication · information disclosure · injection
0 likes · 17 min read
MaGe Linux Operations
Oct 19, 2022 · Information Security

Why Chrome Leads in Browser Vulnerabilities: 2022 Data Reveals the Risks

A 2022 Atlas VPN analysis shows Google Chrome suffered the most reported vulnerabilities among major browsers, with 303 new flaws and a lifetime total of 3,159, while Firefox, Edge, Safari and Opera display varying risk levels and market shares, prompting essential security practices for users.

Browser Security · Chrome · Firefox
0 likes · 7 min read
MaGe Linux Operations
Aug 4, 2022 · Information Security

Essential InfoSec FAQ: From White‑Hat Basics to Advanced Attack Techniques

This comprehensive FAQ explains key information‑security concepts, covering white‑hat hacking, IP vs MAC addresses, common penetration‑testing tools, hacker types, footprinting methods, brute‑force, DoS, SQL injection, sniffing, ARP spoofing, MAC flooding, rogue DHCP, XSS, Burp Suite, pharming, defacement, website protection, keyloggers, enumeration, NTP, MIB, password‑cracking techniques, attack stages, and CSRF mitigation.

cybersecurity · hacking · information security
0 likes · 10 min read
Python Crawling & Data Mining
Jul 31, 2022 · Information Security

10 Hidden Python Security Pitfalls Every Developer Must Avoid

This article reveals ten little‑known Python security pitfalls—from optimized‑away asserts and directory permission quirks to URL parsing quirks and Unicode normalization issues—explaining each flaw, its impact, and how to mitigate it, helping developers safeguard their code.

Code review · Security · best practices
0 likes · 17 min read
Python Programming Learning Circle
May 24, 2022 · Information Security

Common Python Vulnerabilities and How to Secure Them

This article outlines the most frequent security flaws in Python—including command injection, outdated versions, unsafe temporary files, misuse of assert statements, and import path issues—while offering practical mitigation strategies to help developers protect their applications.

best practices · code safety · vulnerabilities
0 likes · 6 min read
MaGe Linux Operations
Apr 23, 2022 · Information Security

What Are the Most Common Python Vulnerabilities and How to Fix Them?

Python, a widely used high‑level language, suffers from several critical vulnerabilities—including command injection, outdated versions, insecure temporary files, misuse of assert statements, and import path issues—each explained with practical mitigation strategies to help developers secure their applications.

Code Injection · Python · assert statements
0 likes · 7 min read
Laravel Tech Community
Apr 12, 2022 · Information Security

Common PHP Weak‑Type Vulnerabilities: MD5 Collision, is_numeric, in_array, switch, and intval Issues

This article explains several PHP weak‑type pitfalls—including MD5 hash collisions, improper handling by is_numeric, unexpected behavior of in_array and switch, and intval casting quirks—showing how they can lead to security problems such as hash collisions, SQL injection, and logic errors.

Hash Collision · PHP · Weak Typing
0 likes · 4 min read
IT Services Circle
Feb 16, 2022 · Information Security

10 Unknown Security Pitfalls for Python

This article outlines ten lesser‑known Python security pitfalls—from optimized‑away asserts and directory permission quirks to path traversal, regex misuse, Unicode normalization attacks, and IP address normalization—illustrating how subtle language features can lead to serious vulnerabilities in real‑world applications.

Code review · Python · Security
0 likes · 16 min read
Laravel Tech Community
Oct 10, 2021 · Information Security

Common PHP Security Vulnerabilities and Mitigation Strategies

This article outlines ten common PHP security threats—including SQL injection, XSS, CSRF, LFI, weak password hashing, MITM, command injection, XXE, improper error reporting, and login rate limiting—explaining how each attack works and providing practical mitigation techniques such as prepared statements, input sanitization, CSRF tokens, and HTTPS.

Mitigation · PHP · Security
0 likes · 15 min read
Laravel Tech Community
Jun 23, 2021 · Information Security

Common Sensitive Data Protection Issues in PHP Applications and Their Mitigation

The article outlines typical ways PHP projects mishandle sensitive data—such as storing passwords in plain text, transmitting credentials without encryption, using weak hashing algorithms, and exposing server details—and provides practical configuration and coding measures to secure data at rest and in transit.

Configuration · Security · encryption
0 likes · 6 min read
php Courses
Nov 2, 2020 · Information Security

Common Web Security Vulnerabilities: XSS, SQL Injection, CSRF, CC, DoS and DDoS

This article explains common web security threats—including XSS, SQL injection, CSRF, CC, DoS, and DDoS—detailing their mechanisms, potential impacts, and practical defense strategies such as input validation, token usage, Referer checks, and resource limiting to protect applications and servers.

DoS · SQL injection · XSS
0 likes · 14 min read
Laravel Tech Community
Aug 10, 2020 · Information Security

Comprehensive Penetration Testing Process, Common Vulnerabilities, Exploitation Techniques, and Security Interview Questions

This article provides a detailed walkthrough of web penetration testing steps, extensive Q&A on common vulnerabilities such as SQL injection, XSS, CSRF, SSRF, file inclusion, privilege escalation methods, mitigation strategies, and interview preparation tips for security professionals.

Exploitation · Security Interview · Web Security
0 likes · 44 min read
Architects Research Society
Jul 8, 2020 · Information Security

Top 25 Software Errors (CWE) and Resources for Mitigation

The article presents the CWE Top 25 software errors, detailing each weakness with its ID and description, and provides links to MITRE entries, remediation guidance, and various SANS training resources aimed at helping developers mitigate these common vulnerabilities.

CWE · Mitigation · SANS
0 likes · 17 min read
MaGe Linux Operations
Feb 25, 2019 · Information Security

10 Common Python Security Vulnerabilities and How to Fix Them

This article outlines ten frequent security flaws in Python—from input injection and unsafe XML parsing to misuse of assert statements and vulnerable third‑party packages—explaining how each can be exploited and providing concrete remediation techniques to write safer code.

Pickle · Python · XML parsing
0 likes · 10 min read
MaGe Linux Operations
Jun 24, 2018 · Information Security

Top 10 Python Security Pitfalls and How to Fix Them

Discover the ten most common Python security flaws—from input injection and XML parsing attacks to unsafe assert statements and vulnerable third‑party packages—and learn practical remediation techniques such as using ORM safeguards, defusedxml, safe YAML loading, secrets.compare_digest, and proper dependency management.

Secure Coding · Security · best practices
0 likes · 10 min read
360 Quality & Efficiency
Apr 13, 2018 · Information Security

Common Web Application Vulnerabilities and Their Attack Methods

This article introduces the most common web application vulnerabilities—including SQL injection, XSS, CSRF, file upload, file inclusion, clickjacking, and URL redirect—explaining how attackers exploit them and the potential impacts on websites and their users.

CSRF · SQL injection · Web Security
0 likes · 8 min read
Node Underground
Nov 17, 2017 · Information Security

Are Your Node.js Apps Really Secure? Survey Reveals Shocking Gaps

A recent NodeSource and Sqreen survey shows that most developers underestimate Node.js security risks, with low confidence in code safety, third‑party dependencies, and vulnerability checks, highlighting the urgent need for better practices as the npm ecosystem expands.

Node.js · vulnerabilities
0 likes · 3 min read
Baidu Intelligent Testing
Nov 24, 2016 · Information Security

Analysis of Common Android App Vulnerabilities and Mitigation Strategies

This article analyzes recent Android app security scan data, detailing prevalent vulnerabilities such as log leakage, weak encryption, WebView password storage, unsafe PendingIntent usage, and dynamic broadcast receiver exposure, and provides concrete code examples and remediation recommendations for developers.

PendingIntent · WebView · broadcast
0 likes · 10 min read
Architects Research Society
Nov 24, 2015 · Information Security

Understanding Common Web Application Attacks and the OWASP Top 10

The article explains how modern web and cloud‑based applications are increasingly exposed to a range of application‑layer attacks—including injection, XSS, broken authentication, and insecure redirects—while highlighting OWASP’s Top 10 list, the importance of secure development practices, and IBM’s educational webinar series.

OWASP · Secure Coding · Web Security
0 likes · 10 min read