Security terms
Defending code from the threats that never sleep
Security vulnerabilities do not announce themselves; they wait quietly in code that looks perfectly fine on the surface. This category covers attack vectors, defensive techniques, secure coding practices, and the mental models that help you think like an attacker before one finds you. From SQL injection and XSS to authentication flaws and cryptographic pitfalls, understanding these terms is not optional: it is a professional responsibility.
JWT Algorithm Confusion (alg:none & RS→HS) PHP 5.0+
Forging JWTs by exploiting libraries that accept alg:none, or by switching a token from RS256 to HS256 so that the server's RSA public key is used as the HMAC-SHA256 secret during verification.
CWE-327 OWASP A2:2021
2mo ago
security intermediate
9.1
Misimplemented JSON Web Token handling allows attackers to forge tokens, bypass authentication, or escalate privileges.
CWE-287 OWASP A2:2021
2mo ago
security intermediate
8.8