Encoding and Decoding Primer

When testing web applications, the understanding and use of various encoding schemes is a fundamental skill. In particular, we often see Base64, URL encoding, and HTML encoding used across many applications both as part of the application’s general functionality and...
BFLA: Broken Function Level Authorization

Application Programming Interfaces (APIs) are at the heart of modern applications, enabling functionality, communication and acting as a bridge between different software components. A common issue that’s found though is Broken Function Level Authorization (BFLA), and...
ID Tokens vs Access Tokens: What’s the Difference?

In the realm of secure authentication, two key elements often come to the fore: ID tokens and access tokens. Though these elements might seem similar, understanding their differences, common pitfalls, and best practices is crucial in ensuring the security of your...
Clickjacking 101: What is Clickjacking and How Does it Work?

Clickjacking, also known as UI Redressing, is a technique that tricks users into clicking on unintended elements on a website. By using hidden elements, attackers deceive users into performing actions that they did not intend to carry out. Learn more about...
Learn WebApp Pentesting: 2023 Edition

In 2023, there are more resources to learn new skills and progress than ever. However, this industry is also moving and growing rapidly, and more isn’t necessarily better. The phrase “drinking from a fire hose” comes to mind. Today we’re going to be looking at a path...
OWASP API Top10 2023 Candidate List, So What’s New?

2023 Candidate List Broken Object Level Authorization Broken Authentication Broken Object Property Level Authorization Unrestricted Resource Consumption Broken Function Level Authorization Server Side Request Forgery Security Misconfiguration Lack of Protection From...