Subdomain takeover: ignore this vulnerability at your peril
Using custom subdomains can open your application up to potential security issues. Jump into this article to understand what subdomain takeover attacks are and learn how you can avoid them.
Articles by Julien Cretel
Julien is a freelance software developer, security researcher, and Golang trainer. From the comfort of the French countryside, he works mostly remotely with clients all over the world. When he's not writing code or hunting for bugs, he enjoys cooking, gardening, and playing and (re-playing) Cuphead.
Protecting Your Apps From Link-based Vulnerabilities: Reverse Tabnabbing, Broken-Link Hijacking, and Open Redirects
Links are so fundamental to web development that they're almost invisible. When we link to a third-party page, we hardly ever consider how it could become an opportunity to exploit our users. In this article, Julien Cretel introduces us to three techniques that bad actors can use to target our users and discusses how to avoid them.
Plugging Git Leaks: Preventing and Fixing Information Exposure in Repositories
Have you ever been neck-deep building a new feature? You're working at capacity. You need to test something out so you paste an API key into your source file with every intention of removing it later. But you forget. You push to GitHub. It's an easy mistake, and potentially a very expensive one. In this article, Julien Cretel explores the nuances of this kind of data leak, offers suggestions for recovery when leaks happen and gives us options for preventing them in the first place.