mgm News archive
New Can I Trust Test Case: Browser returns secret out of pre-cached response in a CORS-Request
#1 – New Can I Trust Test Case – Browser returns secret out of pre-cached response in a CORS-Request
Update – WordPress Author Security
Update: Our WordPress Author Security Plugin is now available in the WordPress Plugin Store.
WordPress Author Security
How can you actively prevent usernames from being enumerated on WordPress author pages?
Pentest FAQ – #18 and #19 – How are vulnerabilities found evaluated? And what is the CVSS?
In our Big Application Security Penetration Test FAQ for clients we answer everything you should know before, during and after the commissioning of an Application Security Penetration Test.
In focus today: Questions #18 and #19 – How are vulnerabilities found evaluated? And what is the CVSS?
Attack Afternoon – CSRF Countermeasures #2
CSRF Countermeasures #2: Another way to protect against CSRF – stateless – is the Double Submit Cookie method.
NinjaDVA – Our Training Environment
The NinjaDVA is our comfortable and flexible training environment.
Tool Tuesday – sqlmap
Is your web application vulnerable to SQL Injection? With sqlmap you can test it.
Attack Afternoon – CSRF Countermeasures #1
CSRF Countermeasures #1: One possibility to prevent CSRF is the usage of an anti-CSRF token.
Attack Afternoon – CSRF
CSRF stands for “Cross-Site Request Forgery” and is a classic among web application attacks. With this attack, it is possible to perform certain user actions without them noticing it. But how exactly does this attack work?
it-sa 2019 – Lean Application Security
At the it-sa 2019 we will present our innovative consulting concept Lean Application Security.