
In Depth
In Depth: Setting up Two-Factor Authentication!
[In Depth #37] It's time to finally fulfil one of the most common requests for an In Depth article: setting up 2FA! 🎉 So let's add some TOTP 2FA to our boring user/pass auth login!
Monthly deep dive into Laravel security concepts through code examples, practical security knowledge, hacking techniques, and interactive challenges, covering the essential topics you need to know to keep your apps secure.
In Depth
[In Depth #37] It's time to finally fulfil one of the most common requests for an In Depth article: setting up 2FA! 🎉 So let's add some TOTP 2FA to our boring user/pass auth login!
In Depth
[In Depth #36] It's time to review the Livewire Volt, Vue, and React Starter Kits! Let's see what vulnerabilities are hiding under the surface, and just how easy it is to fix them... 🧐
In Depth
[In Depth #35] Let's take a dive into the security of Laravel's new Starter Kits to see how they handle authentication, what security features they include, and what areas could be improved! 🤓
In Depth
[In Depth #34] MFA, 2FA, 2SV, DFA... Something you know/have/are... Let's figure out this MFA thing and why it's so important.
In Depth
[In Depth #33] Let's explore a number of common ways developers fail authorisation in Laravel apps, and what you need to watch out for so you don't make the same mistakes!
In Depth
[In Depth #32] Let's explore 5 different "Authentication Fails" that I've come across, as a reminder for why it's so important to get authentication right.
In Depth
[In Depth #31] Here are the Top 10 security issues I've found during my security audits, highlighting the areas we as a community need to improve our security.
In Depth
[In Depth #30] In the final part of the series, we finish our code searches and spend some time reading the code - which really pays off in terms of finding juicy vulnerabilities to exploit and report.
In Depth
[In Depth #29] It's time to spend some time looking for smelly or suspicious code, searching for common patterns and functions that usually show up around weaknesses. 🕵️
In Depth
[In Depth #28] Continuing our Laravel Security Audit and Penetration Test, we're looking into configs and dependences, and following threads to discover 4 CRITICAL vulnerabilities!
In Depth
[In Depth #27] Let me walk you through my process of conducting a Laravel Security Audit and Penetration Test, starting with the passive scans that usually find a lot of low-hanging fruit!
In Depth
[In Depth #26] It's time for some nightmare fuel with a sneaky inline CSS vulnerability I found in a popular Laravel package!