Tag: security
iptables and netfilter
Kernel packet-filtering framework (netfilter) and its classic userspace tool (iptables) for firewalling, NAT, and packet mangling.
5d ago
linux advanced
Forward Secrecy
PHP 7.4+
A key-exchange property where ephemeral session keys are discarded after use, so a future compromise of long-term keys cannot decrypt past sessions.
CWE-327 OWASP A02:2021-Cryptographic Failures
2w ago
cryptography advanced
5.9
Client-Side Template Injection (CSTI)
Attacker-controlled input rendered as a template expression by a client-side framework (AngularJS, Vue, Handlebars), executing JavaScript in the victim's browser.
CWE-1336 OWASP A3:2021
1mo ago
security advanced
7.5
CSS Injection & Data Exfiltration via Stylesheets
Attacker-controlled CSS injected into a page or stylesheet that exfiltrates data via attribute selectors and `url()` callbacks, defaces UI, or enables phishing — all without a single line of JavaScript.
CWE-79 OWASP A3:2021
1mo ago
security advanced
6.5
DOM Clobbering
Attack where injected HTML elements with controlled `id` or `name` attributes overwrite JavaScript globals or document properties, weaponising script-less HTML injection into code execution.
CWE-79 OWASP A3:2021
1mo ago
security advanced
6.5
NoSQL Injection
PHP 5.4+
2
Attacker-controlled input embedded into NoSQL queries (MongoDB, Redis, Couchbase) that subverts query intent — bypassing auth, exfiltrating data, or executing server-side code.
CWE-943 OWASP A3:2021
1mo ago
security intermediate
8.8
Server-Side Includes (SSI) Injection
Attacker-controlled SSI directives (`<!--#exec ... -->`) injected into pages parsed by Apache or another SSI-enabled server, achieving file disclosure or remote command execution.
CWE-97 OWASP A3:2021
1mo ago
security intermediate
9.8
Software Composition Analysis (SCA)
The practice and tooling for identifying all open-source and third-party components in a codebase, detecting known vulnerabilities (CVEs) in them, and flagging licence risks — distinct from static analysis of your own code.
2mo ago
security intermediate
Brute-Force Protection
Defences against automated credential-guessing attacks — rate limiting login attempts, account lockout, CAPTCHA, and multi-factor authentication to make online password guessing impractical.
CWE-307 OWASP A7:2021
2mo ago
security intermediate
HTTP Cookies in PHP
PHP 7.3+
Cookies are small key-value pairs sent by the server via Set-Cookie and echoed back by the browser on every request — PHP sets them with setcookie() before any output, with Secure, HttpOnly, and SameSite flags controlling safety.
2mo ago
php beginner
Insecure Deserialization
Deserializing attacker-controlled data can trigger arbitrary object construction and method calls — PHP's unserialize() with untrusted input enables remote code execution via gadget chains in the loaded class graph.
CWE-502 OWASP A8:2021
2mo ago
security advanced
OAuth 2.0
An authorisation framework that lets users grant third-party applications limited access to their resources without sharing passwords — using short-lived access tokens issued via defined flows for different client types.
CWE-287 OWASP A7:2021
2mo ago
security intermediate
Timing Attacks
Side-channel attacks that infer secret values by measuring how long an operation takes — a string comparison that short-circuits on the first mismatch leaks information about the secret one character at a time.
CWE-208
2mo ago
security advanced
Dependency & Supply Chain Security
Protecting applications from malicious or vulnerable third-party packages — covering transitive dependencies, lock files, SRI hashes, CVE scanning, and supply chain attack vectors.
CWE-1357 OWASP A6:2021
2mo ago
security intermediate
Mixed Content (HTTP on HTTPS)
When an HTTPS page loads resources (images, scripts, stylesheets) over HTTP — browsers block active mixed content and warn on passive, undermining the security of the HTTPS connection.
CWE-319
2mo ago
security intermediate
Linux File Permissions
1
Read, write, and execute permissions assigned to owner, group, and others — the foundation of Linux access control for web application files.
CWE-732 OWASP A5:2021
2mo ago
linux beginner
7.5
PDO query() vs prepare()
PHP 5.1+
PDO query() executes raw SQL immediately — prepare() parameterises it. query() must never include user-controlled values.
CWE-89 OWASP A3:2021
2mo ago
php beginner
9.8
PDO::ATTR_EMULATE_PREPARES
PHP 5.1+
Controls whether PDO sends real prepared statements to the database or emulates them client-side in PHP.
CWE-89 OWASP A3:2021
2mo ago
php intermediate
An adversarial technique where malicious instructions are injected into an LLM's context window — via user input, retrieved documents, or tool results — to hijack the model's behaviour.
2mo ago
ai_ml advanced
Runtime constraints and safety filters applied around LLM calls to detect, block, or rewrite inputs and outputs that are harmful, off-topic, or policy-violating.
2mo ago
ai_ml intermediate