All Questions

0 votes
1 answer
270 views

Impact of the System Information Leak

Our application stored **e.printstacktrace()** in a log file, which is accessible to a specific user group. We need such detailed information for debugging purposes. As per the security team, they are ...
useradmin1234

1 vote
2 answers
344 views

How to explain to our developer manager the benefits of using a linter also as a security feature?

Someone mentioned that linters would have helped not only for keeping the code looking better and friendlier, but also safer. ESLint has a rule to indicate, for example, to use {} which would have ...
Filipon • 1,304

1 vote
1 answer
1k views

How to Check Open Source Code for Vulnerabilities? [closed]

I am a member of a bug bounty platform. There are some programs that make their source code available to the hackers to find vulnerabilities. For example, their PHP, JS, C++, or Ruby code. I want to ...
iheb hamad

-1 votes
1 answer
328 views

Secure PHP coding without frameworks

I am very new to PHP and some people said that writing PHP code without a framework is insecure. I am not sure about that! Is it possible to write highly secure code without any frameworks? If so, ...
Sumithran

2 votes
1 answer
2k views

Is using IsBadReadPtr and IsBadWritePtr considered to be insecure?

I am auditing (reverse engineering) an x86 C++ application without source code. Static analysis revealed that the application is using the IsBadReadPtr and IsBadWritePtr Win32 functions in almost ALL ...
madmax25

2 votes
2 answers
2k views

Way to find security bugs in Scala source code open-source way?

I looked on the Web for a way to find security bugs, especially SQL injection and XSS, in Scala code, with little success. Some posts recommended writing custom detectors for the FindBugs plugin, others ...
Krishna Pandey

55 votes
5 answers
5k views

Should security-critical code be reused or rewritten?

Usually, in programming, reusing code is always a better idea than writing your own implementation of an algorithm. If an implementation has been around for a long time and is still used by lots of ...
Hadrien G.