From DevOps to DevSecOps: Practical Lessons from the Trenches
How a hands-on DevSecOps certification and several real projects – Python tasks, a Django shop, APIs and infrastructure automation – changed the way I think about security.
An introduction to HashiCorp Vault: what it is, what it does, and how the concept of centralised secrets management is meant to work
Learn how String.fromCharCode() can bypass filters that remove quotes, and why filtering specific characters isn't enough for XSS protection
Learn how JavaScript template literals can bypass filters that remove parentheses, and why filtering specific characters isn't enough for XSS protection
Learn how JSFuck can bypass filters that remove alphanumeric characters, and why simple character filtering is insufficient for XSS protection
Exploring how persistent XSS vulnerabilities can be exploited through API endpoints and how to prevent them
A beginner-friendly walkthrough of three XSS challenges that teach you exactly what Cross-Site Scripting is and how it works through hands-on practice
A comprehensive introduction to Cross-Site Scripting (XSS) attacks, covering types, techniques, and defense strategies
Building a custom tool for discovering hidden routes in Single Page Applications using headless browser automation
A practical guide to brute force attacks, demonstrating exploitation techniques and mitigation strategies using OWASP Juice Shop
Personal introduction to web security testing and the OWASP Juice Shop learning journey