by TCMS Staff | Jul 16, 2025 | Security, Web Applications
Every web application is vulnerable to a type of attack in which a malicious third party repeatedly connects to your web server and/or makes bulk HTTP requests, consuming resources and preventing other legitimate requests from being processed. This is called a Denial...
by Josh Daniels | Apr 25, 2025 | Learning, Web Applications
From ordering takeout to filing our taxes, we interact with applications that operate on the web every day. Some of these applications are rigorously tested and hardened against exploitation from malicious actors, and some are not, but even the best-developed...
by Alex Olsen | Mar 12, 2025 | Web Applications
One of the most overlooked yet effective techniques in our toolkit when pentesting web applications is code review. Unlike automated scanning and some black-box testing, code review digs into an application’s logic, uncovers subtle or blind vulnerabilities, and...
by TCMS Staff | Jan 29, 2025 | Web Applications
Every four years, the Open Web Application Security Project (OWASP) publishes a top ten list of the most critical security risks that web applications are prone to. This list was last published in 2021, marking 2025 as the year for an update. OWASP utilizes a plethora...
by Alex Olsen | Dec 18, 2024 | Web Applications
What is Prototype Pollution? Prototype pollution is a critical vulnerability that affects JavaScript applications by allowing an attacker to manipulate the prototype of JavaScript objects, often leading to unexpected and dangerous behaviors throughout the application....
by Alex Olsen | Nov 6, 2024 | Web Applications
Today we will delve into the key concepts and principles of application security, providing a comprehensive overview for developers, IT professionals, and business leaders alike. Application security is a fundamental aspect of software development that can make or...
