Laravel Security in Depth → Black Friday Special Offer
If you've been thinking of upgrading your Laravel Security in Depth subscription, now is the time!
Read more
Security Tip: What If You Hashed Null?
[Tip #100] One of the fun parts of doing my security audits is coming across unexpected code that looks exploitable, and trying it out myself to see what possibilities exist.
Security Tip: Please Stop Hardcoding Admin Domains!
[Tip #99] Let me tell you a story about a time when a single missing character allowed me to escalate my privileges and gain admin access, despite all the protections designed to stop me! 😈
Security Tip: strip_tags() Won't Save You from XSS!
[Tip #98] XSS doesn't just hide in <script> tags - it sneaks in through HTML attributes, links, and even inline styles! Don't rely on functions like strip_tags() to keep you safe...
Security Tip: Be Intentional with Your Outputs!
[Tip #97] XSS loves to sneak into your apps when you're not paying attention, so you need to be intentional with your outputs and think about every piece of user input you're using in your apps!