Selcouth Cyber Security Services Private Limited

AppSec

4 Results / Page 1 of 1

Background

AppSec + InfoSec + Web Attacks acc3ssp0int / February 15, 2021

OAuth 2.0 – Part Three

Hello everyone, in this final installation of the OAuth blog series, we’ll be covering two vulnerabilities in the OAuth implementation. If you haven’t checked out the previous parts you can check out part one here and part two here. Before we get started, a big thanks to PortSwigger and their ...

AppSec + InfoSec + Web Attacks acc3ssp0int / February 2, 2021

OAuth 2.0 – Part two

Continuing our previous post, where we discussed the basics of how OAuth 2.0 authentication worked, some known issues which arise due to either lack of understanding of the framework itself, or poor configuration of the same. In this blog, we’ll talk a little bit in detail of the vulnerabilities we ...

AppSec + InfoSec + Web Attacks acc3ssp0int / January 22, 2021

OAuth 2.0 – Part one

At least once till date, you must’ve come across  sites that let you log in using your social media account [Facebook, LinkedIn, Google & various such platforms] The chances are that this feature is built using the well known OAuth 2.0 framework. This framework is liked by Pentesters because it ...