Tag: security
Cloud VPC & Networking
Virtual Private Cloud — private subnets for databases/workers, public subnets for load balancers only, security groups as stateful firewalls.
3mo ago cloud intermediate
Column-Level Encryption PHP 7.1+
Encrypting sensitive database columns (SSN, credit card, medical data) — application holds the key; database never sees plaintext; breach exposes only ciphertext.
3mo ago database advanced
Cookie Security Attributes PHP 7.3+
Modern cookie prefixes (__Host-, __Secure-) and the Partitioned attribute enforce strict security properties that cannot be overridden by JavaScript or subdomains.
3mo ago security advanced
Cryptographic Hash Functions PHP 5.1+ 🧠 1
One-way functions producing a fixed-length digest — SHA-256, SHA-3, and BLAKE3 are secure for data integrity; MD5 and SHA-1 are broken and must not be used for security.
3mo ago cryptography intermediate
Cryptography Common Mistakes PHP 7.1+
IV reuse, ECB mode, rolling your own crypto, timing vulnerabilities, and SHA-256 for passwords — the most frequent implementation errors.
3mo ago cryptography intermediate
Dependency Audit & CVE Scanning PHP 5.0+
Automated scanning of project dependencies for known vulnerabilities (CVEs) — composer audit, npm audit, and tools like Snyk run in CI to catch vulnerable packages before deployment.
3mo ago general intermediate
Dependency Confusion Attack PHP 5.0+
An attacker publishes a public package with the same name as a private internal package — package managers may fetch the malicious public version instead of the private one.
3mo ago security advanced
Dependency Management Philosophy PHP 5.3+
Every dependency is a liability — prefer few well-maintained packages; pin versions via composer.lock; audit regularly.
3mo ago general intermediate
Deserialization Gadget Chains PHP 5.0+
PHP object injection exploits that chain existing class methods (__wakeup, __destruct, __toString) to achieve remote code execution when unserialize() processes attacker-controlled data.
3mo ago security advanced
DSN Security & Connection String Secrets PHP 5.0+
Database credentials in connection strings must never be hardcoded — use environment variables or secrets managers, least-privilege users, and never log DSNs.
3mo ago database intermediate
Encryption in Transit 🧠 1
Encrypting data moving between systems using TLS — protecting against interception, tampering, and man-in-the-middle attacks on all network communication.
3mo ago cryptography intermediate
Environment Variables PHP 5.0+
Key-value pairs inherited by child processes — the standard way to pass configuration, credentials, and runtime settings to PHP applications without hardcoding.
3mo ago linux intermediate
Fuzz Testing PHP 7.0+
Automatically generating random, unexpected, or malformed inputs to find crashes, assertion failures, and security vulnerabilities that manual test cases miss.
3mo ago testing advanced
GraphQL Security PHP 7.0+
GraphQL's flexibility creates unique security challenges — introspection exposure, unbounded query depth, N+1 amplification, and injection through dynamic resolvers.
3mo ago security advanced
Hardcoded Credentials PHP 5.0+
Passwords, API keys, or tokens written directly into source code — permanently exposed to anyone with repository access and impossible to rotate without a code change.
3mo ago security beginner
Insecure Randomness PHP 7.0+
Using non-cryptographic random functions (rand(), mt_rand(), array_rand()) for security tokens — these are predictable and enable token forgery, session prediction, and CSRF bypass.
3mo ago security intermediate
Linux User & Group Management
Managing users and groups on Linux servers — useradd, usermod, passwd, groups — and best practices for PHP web server user isolation and privilege separation.
3mo ago linux intermediate
MIME Sniffing & X-Content-Type-Options PHP 5.0+
Browsers that sniff file content to guess MIME type can execute uploaded HTML/JavaScript files as scripts — X-Content-Type-Options: nosniff prevents this.
3mo ago security intermediate
Missing CSRF Protection PHP 5.0+
A state-changing form or endpoint that lacks a CSRF token allows attackers to forge authenticated requests from any website the victim visits.
3mo ago security intermediate
OpenID Connect (OIDC) PHP 7.0+
An identity layer on top of OAuth 2.0 — while OAuth 2.0 handles authorisation (access to resources), OIDC adds authentication (who the user is) via the ID token.
3mo ago networking intermediate