1 views collected around this technical thread.
FunProxy is a Rust‑based, Tauri‑powered cross‑platform tool that provides high‑performance packet capture, cloud‑managed hosts and rules, collaborative sharing, and extensible plugins for full‑link testing and proxying across Windows, macOS, Linux, Android, iOS and web, delivering secure, low‑memory, fast startup testing.
The article outlines prevalent front‑end security threats such as XSS, SQL injection, CSRF, MITM, clickjacking, misconfiguration, and vulnerable dependencies, explains their underlying principles, and recommends practical mitigations including input validation, CSP, HTTPS/TLS, CSRF tokens, secure headers, regular audits, and dependency scanning.
This article explains the fundamentals of the HTTP protocol, demonstrates how man‑in‑the‑middle attacks exploit its plaintext nature, discusses symmetric and asymmetric encryption attempts to mitigate these risks, and describes how HTTPS (TLS) and the CA trust model provide robust protection against such attacks.
This article explains the fundamentals of the HTTP protocol, illustrates its susceptibility to man‑in‑the‑middle attacks, discusses symmetric and asymmetric encryption attempts, and then details how HTTPS (TLS) and the CA trust model protect data transmission from interception and tampering.
Designing a login interface requires not only functional implementation but also comprehensive security measures such as protecting against brute‑force attacks, implementing captchas, login throttling, IP restrictions, mobile verification, and mitigating man‑in‑the‑middle threats, while balancing usability and system robustness.
This article examines common security threats to login APIs such as brute‑force attacks, CAPTCHA bypass, IP blocking, and man‑in‑the‑middle attacks, and presents practical mitigation techniques including rate limiting, captcha, phone verification, HTTPS, and encrypted transmission to harden authentication systems.
This article explains the inherent insecurity of plain HTTP, illustrates man‑in‑the‑middle attacks, shows why simple symmetric encryption is insufficient, and details how HTTPS (SSL/TLS) with asymmetric key exchange and CA verification protects data transmission.
This article explains the fundamentals of the HTTP protocol, illustrates its susceptibility to man‑in‑the‑middle attacks, discusses mitigation techniques using symmetric and asymmetric encryption, and describes how HTTPS with TLS and a CA certification system protects data integrity and confidentiality.
This article explains why plain HTTP is insecure, illustrates man‑in‑the‑middle attacks, discusses symmetric and asymmetric encryption attempts, and details how HTTPS (SSL/TLS) with CA certificate verification protects data integrity and confidentiality.
This article explains what a Man‑in‑the‑Middle (MITM) attack is, illustrates it with a classic mailbox analogy, and describes how HTTPS, digital certificates, and the HSTS policy work together to prevent such attacks and ensure secure web communications.
The article explains how malicious JavaScript can turn browsers into participants of DDoS attacks through techniques like server hijacking and man‑in‑the‑middle injection, and describes how HTTPS and the emerging Subresource Integrity feature can help protect websites from such threats.