• 2021-01-10
  • 7 minutes

The Log Forging Vulnerability And How To Fix It

The Log Forging vulnerability, also known as Log Manipulation is a really low ranked vulnerability that in a lot of cases its to farfetched to be reliably exploited, but on others can be quite easy and cause real damage. In this post we’ll understand what is log forging and see many different conditions that can […]
Continue Reading
  • 2020-03-27
  • 4 minutes

Auth Token in LocalStorage

Getting right to the point: storing a token in LocalStorage is insecure.It’s getting more and more common to use token based authentication, specially on Single Page Applications (SPA) that need to communicate with an API. That is a good thing, and I really like the idea of JWT tokens. Why localStorage is bad Well, when […]
Continue Reading