security

#theme-toggle,.top-link{display:none}@media(prefers-color-scheme:dark){:root{--theme:#1d1e20;--entry:#2e2e33;--primary:rgba(255, 255, 255, 0.84);--secondary:rgba(255, 255, 255, 0.56);--tertiary:rgba(255, 255, 255, 0.16);--content:rgba(255, 255, 255, 0.74);--hljs-bg:#2e2e33;--code-bg:#37383e;--border:#333}.list{background:var(--theme)}.list:not(.dark)::-webkit-scrollbar-track{background:0 0}.list:not(.dark)::-webkit-scrollbar-thumb{border-color:var(--theme)}}

Do not send sensitive data via email

Sending sensitive data via email is a bad idea for several reasons. We might be inclined to think that we can first encrypt our documents before sending them, but we soon realize that we have another problem – how do we send the password to our recipient? Of course, we can’t send the password via email. What some companies have done is to use a password that is known to the customer, like their date of birth or account number and even include the format for the password....

Security tools and resources

Learn Awesome AppSec - curated list of resources for learning about application security Damn Vulnerable Web App (DVWA) - a vulnerable web application used for security training OWASP Juice Shop - a vulnerable web application used for security training OWASP Node Goat - a vulnerable web application used for security training with tutorials XCS100: Introduction to Web Security - a free introductory course to web security by Stanford University Offensive Security News Insecure....