In Depth
In Depth: Laravel Security Audits Top 10 (2024)!
[In Depth #31] Here are the Top 10 security issues I've found during my security audits, highlighting the areas we as a community need to improve our security.
Security Tips
Security Tip: Compare keys with hash_equals()
[Tip#56] It may be tempting to compare keys/sensitive strings using `===`, or even `==`, but that opens you up to timing attacks! You should be using a timing attack safe string comparison function...
Security Tips
Security Tip: Timebox for Timing Attacks
[Tip#38] Laravel is full of little helpers and features, and the Timebox is one that's often overlooked.
In Depth
In Depth: Timing Attacks
[InDepth#6] You can use response timing to infer important information.