OWASP Top 10: Broken Access Control
In this blog post, Raxis lead penetration tester Mark Fabian discusses broken access control and why it’s the most prevalent issue among the OWASP Top 10.
Year: 2021
-
-
Scottie Cole, Lead Penetration Tester
From first responder to penetration tester, Scottie Cole knows how to work under pressure. Learn more about him here.
-
2021 OWASP Top 10 Focus: Injection Attacks for Penetration Testing
The latest draft of the OWASP Top 10 has been released. Though injection is #3, Raxis’ Matt Dun explains why that doesn’t mean the threat is any less severe.
-
Nagios XI Stored Cross-Site Scripting (XSS): CVE-2021-38156
Nagios is open-source network and system monitoring software. Raxis’ Matt Dunn has discovered a cross-site scripting vulnerability that could leave users open to attack.
-
Keep Your Cookies in the Cookie Jar: HttpOnly and Secure Flags
How can cookies be used against you? And how do you keep that from happening? Raxis’ Matt Dunn explains.
-
Hurricane Ida: Limiting the Damage
Lead penetration tester Scottie Cole is a Gulf Coast resident and former first responder. Read his tips for avoiding hackers and scams that can be as costly as a natural disaster.
