security.md

Attacks

XSS - Cross Site Scripting

JavaScript injection.

CSRF / XSRF - Cross Site Request Forgery

Executing requests against one website from another one while the user is authenticated.

Same-origin policy

Prevents scripts from one origin from accessing private data on another origin.

MITM

Packet snooping.

SQL Injection

SQL injection.

Good Practices

SSL

Let's Encrypt.

Encryption

Password hashing.

JWT

Tokens vs cookies.

Reverse-proxy

Localhost vs direct.

User groups

Linux permissions.