Click here to Skip to main content
65,938 articles
CodeProject is changing. Read more.
Everything / security
Submit your article

Security

security

Great Reads

Access REST Resources Secured By UAG from Mobile Device
by Daron Cox
If you're trying to integrate with UAG from a mobile device, this tip is for you!
Identity-Based Authentication in .NET Core 3.0 using In-Memory Database
by Prashant Rewatkar
This article demonstrates how to add Identity-Based Authentication in .NET Core 3.0 using In-Memory Database.
10 Points to Secure Your ASP.NET MVC Applications
by Saineshwar Bageri
In this article, we will run through 10 points which will help us to make our MVC code secure.
4 Ways to Prevent XSS Attacks: A Comprehensive Guide
by Retired Author
Cross-Site Scripting (XSS) is one of the most prevalent security vulnerabilities in web applications. It occurs when an attacker injects malicious scripts into content that users can view on a web page. These scripts can steal data, hijack user sessions, or perform other harmful actions.

Latest Articles

Access REST Resources Secured By UAG from Mobile Device
by Daron Cox
If you're trying to integrate with UAG from a mobile device, this tip is for you!
Identity-Based Authentication in .NET Core 3.0 using In-Memory Database
by Prashant Rewatkar
This article demonstrates how to add Identity-Based Authentication in .NET Core 3.0 using In-Memory Database.
10 Points to Secure Your ASP.NET MVC Applications
by Saineshwar Bageri
In this article, we will run through 10 points which will help us to make our MVC code secure.
4 Ways to Prevent XSS Attacks: A Comprehensive Guide
by Retired Author
Cross-Site Scripting (XSS) is one of the most prevalent security vulnerabilities in web applications. It occurs when an attacker injects malicious scripts into content that users can view on a web page. These scripts can steal data, hijack user sessions, or perform other harmful actions.

All Articles

top
Sort by Score
Title
Updated
Author
Score

security 

Identity-Based Authentication in .NET Core 3.0 using In-Memory Database
by Prashant Rewatkar
This article demonstrates how to add Identity-Based Authentication in .NET Core 3.0 using In-Memory Database.
10 Points to Secure Your ASP.NET MVC Applications
by Saineshwar Bageri
In this article, we will run through 10 points which will help us to make our MVC code secure.
401 and/or 403 and a Short Story of Secure RESTful
by rtybase
401 and/or 403 and a short story of secure RESTful
5 Tips to Get the Most out of Your Cloud Infrastructure
by Alibaba Cloud
Here are five top tips from our expert team to help you maximize the benefits of your cloud infrastructure.
A Beginner's Tutorial for Understanding and Implementing Password Hashing and Salting
by Rahul Rajat Singh
In this article we will discuss about securing the user passwords by using hashing and salting on the user passwords.
A Password safe built with Arduino Leonardo
by webmaster442
How to build a simple hardware password safe and login system with off the shelf components.
A Simple 32bit Ret2libc Attack in Linux
by Oscar-Tark
In this article, we will be looking at a more advanced version of a buffer overflow attack.
A simple plug-in engine using Reflection
by Vitaly Zhukov
This article describes how to create and use configurable plug-ins in your application.
A Step-by-Step Look At The Power Of Layer7 API Management
by A&I Solutions
Maximizing API potential requires the use of cutting-edge API management software. Layer7 API Management is a robust, comprehensive solution to managing your company’s APIs with precision.
Acunetix WVS – Audit Your Website Security
by Dirk_Strauss
Acunetix WVS audits your website security by running a host of tests. It then provides a concise report of issues it found. Not only does it do this, but it also suggests changes you need to make to fix the issues found.
AJAX Security
by ASP.NET Community
AJAX adds one more wrinkle to web security. I find that videos and demonstrations help me understand subtle topics like this.VideosSecurity in
An Absolute Beginner's Tutorial on Cross Site Scripting(XSS) Prevention in ASP.NET
by Rahul Rajat Singh
In this article we will try to see what is Cross Site Scripting(XSS).
An eCryptfs-Based Solution for Securing Your Data on Android
by Android on Intel
I will describe a new way to implement security for sensitive data based on eCryptfs (eCryptfs.org).
Application Security in n-tier Application on Windows Server
by openpage
Security attacks risk are minimised by careful planning of application design. If the application is distributed in nature, the challenges becomes manyfold. This article will try to give one way of doing so.
Application Security: Where You Want It, When You Need It with Visual Guard
by Jeffrey T. Fritz
I’ve been reviewing Novalys Visual Guard for the last 2 weeks, and found some really interesting nuggets in this package that would make my network administrators stand up and take notice.
ARC4 Encryption Library
by Pavel Bashkardin
ARC4 (Alleged RC4) Cryptography Provider Class Library
ASP.NET Core Security Overview
by Sriganesha Rao
This article provides an overview of ASP.NET Core security features.
Automated penetration testing in the Microsoft stack with OWASP ZAP
by GustavoMartins
Automate your penetration testing using the pentest tool ZAP and the
Azure Arc Enabled Servers Part 1: Introduction to Azure Arc for Developers and DevOps
by Florian Rappl
In this article we introduce Azure Arc as a way of integrating resources from other environments into Microsoft Azure.
Azure Arc Enabled Servers Part 3: Setting up Security, Sentinel, and Runbooks
by Florian Rappl
In this article we see how to set up security, Sentinel, and runbooks.
Beginners guide to a secure way of storing passwords
by StianSandberg
This article will explain how to securely store users passwords in a database.
Code Access Security
by ASP.NET Community
Code Access Security is one of the least-understood but most valuable aspects of the .NET Framework.WebcastsMSDN Webcast: Using Code Access
Create Custom Permission in Object Level
by taha bahraminezhad Jooneghani
Custom permission in object level with out sign in and out to affect to users
Creating a Production-Ready WebRTC App for Video Calls: 5 Considerations for Developers
by Pan Gupta
EnableX is a communication platform for embedding video/voice calls and messaging into any apps and sites. Built on a carrier-grade platform, it offers developers with all the necessary toolkits to develop engaging communication experience from one-to-one chats to large-scale broadcast/Webinar.
Creating a WCF Service with MSMQ Communication and Certificate Security
by Mohammad Sepahvand
Implementing a Simple, Secure WCF Service with MSMQ Communication
Creating Shellcode from any Code Using Visual Studio and C++
by The Ænema
Learn how to convert any code to a stable shellcode using Visual Studio 2019 and VC++ in easy steps!
Creating Twitter STS with ASP.NET MVC and WIF
by Dmitry Tretyakov
Step by Step tutorial describes how to create custom Security Token Service.
Creating Your Very Own x64 PE Packer/Protector from Scratch using C++
by The Ænema
This article brings you a very detailed but easy to learn experience on creating your own x64 PE packer/protector using only VC++!
Cross-Solution Microsoft Identity for Java Developers Part 1: Adding Authentication to a Spring Cloud Java Application Using Microsoft...
by Matthew Casperson
In this article we’ll explore integrating Azure AD and MSAL with a Spring Boot web application.
CR-XAM
by Jacob F. W.
A Simple But Surprisingly Effective Random Number Generator
CSHA1 - A C++ Class Implementation of the SHA-1 Hash Algorithm
by Dominik Reichl
CSHA1 - A C++ class implementation of the SHA-1 hash algorithm
Custom Roles Based Access Control (RBAC) in ASP.NET MVC Applications - Part 1 (Framework Introduction)
by Stefan Wloch
An introduction to custom roles based access control in an ASP.NET MVC application using the Entity Framework.
Cyber Security Techniques for Web Sites
by Phil_Pearl
The focus in this article is on avoiding over-the-wire security issues that can be addressed in web pages.
DAO. Short and Clear. Let's Create Our Own.
by Viktoria Dolzhenko
An introduction to the concept of DAO and a workshop on how to create your own
Data Encryption in Azure
by DataBytzAI
Overview of encryption at rest, in motion and in use with Azure Encryption
Decouple ASP.NET Core Identity, Authentication and Database Engines
by Zijian
Reusable codes for OAuth security in business applications
Destroy All Passwords: Never Memorize A Password Again
by raddevus
A novel approach to generate a secure way to login that doesn't require the user to ever memorize a password again. This method can be used with any web site, program, etc. and creates a more secure password than other methods.
DevOps needs DevSec
by Mark_Warren
Working with customers and partners, here is an overview of the need for DevSec and the five ‘best practice’ questions to ask when looking how to have a better ‘DevSec’ strategy
Difference between BasicHttpBinding and WsHttpBinding
by Shivprasad koirala
Difference between BasicHttpBinding and WsHttpBinding.
Document and Test API with Swagger UI
by Benktesh Sharma
More than often, developers test API, either through a browser request or using some clients such as POSTMAN, Advanced Rest Client (ARC).
Elevating During Runtime
by Michael Haephrati
How can an application elevate itself to gain "Admin" rights during runtime
Encrypting Communication between C# and PHP
by Scott Clayton
Set up encrypted secure communication between C# and PHP using the AES and RSA algorithms.
Evolution of Polymorphic Malware
by Kewin Rausch
An introduction on how these applications self-defend themselves against scanning techniques, and how they could have evolved from simple and naive forms to more sophisticated ones.
Getting Started With Predix - A Builders Journey - Episode 1
by Rich Dost
In this first episode we'll tackle the first thing, security. We are at the start of a journey. We'll learn about many Predix services and components. We'll find the good, the bad and the ugly, and we'll complain the whole way. After security we'll hit Asset and Analytics.
Globalizing your App Service with Front Door
by Lars_Klint
In this project, I’ll show you how with relatively little effort and cost your application can serve a global market thanks to Azure Front Door.
Halibut: a secure communication stack for .NET/Mono
by Paul Stovell
Secure alternative to WCF. JSON-RPC meets SSL meets .NET and Mono.
Hosting a Web App in AWS EC2
by Necmettin Demir
All steps to host a web app files in EC2 and accessing them through FTP
Hot Patching C/C++ Functions with Intel Pin
by Dan Sporici
This article discusses the idea of Hot Patching C/C++ functions using Intel Pin in order to remove known vulnerabilities
How to Reverse Engineer Software in a Right Way (for Windows)
by Anton Kukoba, Apriorit Inc, Sergii Bratus
The knowledge base needed to perform reverse engineering, basic principles of reverse engineering a piece of Windows software, disassemblers, and tools
How to Transform Binary Files into Powershell Script(s) in Order to Copy them Silently on a Server
by Federico Di Marco
A tool which creates one or more Powershell scripts which in turn recreate one or more binary files
how to use login control on remote computer (live web site)
by ASP.NET Community
step1. drag create use wizard and drop on design window on your web page(default1.aspx).step2. go to website tab and click on asp.net
How to Write Your ERC20 Tokens
by Viktoria Dolzhenko
Creating an erc20 Token using the hardhat Package and Typescript
IdentityServer3, WebAPI , MVC, ASP.NET Identity, Specflow: The Magnificent Five
by Veronica S. Zotali
This article shows how to configure IdentityServer3, when you need to authenticate and authorize usage of your WebAPI/MVC, for users stored in SQL Server.
Intel Business Client Platforms
by Russel Beutler
Whether you’re developing for unmanaged small business, or enterprise-level IT departments, 3rd Generation Intel® Core™ processor-based PC and mobile platforms are designed to help you meet the needs of your customers.
Intel® Device Protection Technology and McAfee Mobile Security for Android*
by Android on Intel
Recent industry reports indicate Android* is the OS in more than 59 percent of laptops, tablets and smartphones worldwide.
Intel® Hardware-based Security Technologies Bring Differentiation to Biometrics Recognition Applications Part 1
by Android on Intel
Intel® Hardware-based Security Technologies Bring Differentiation to Biometrics Recognition Applications
Intel® Hardware-based Security Technologies Bring Differentiation to Biometrics Recognition Applications Part 2
by Android on Intel
High Performance and Security Software-Based Encryption by Intel® Advanced Encryption Standard New Instructions and Intel® Secure Key
Internet of Things in Smart Home/Building
by Ramneekkalra
This article will surely give an idea how to develop a self-controlled, self-connected smart home/building.
Internet of Things Security Architecture
by Yuri Diogenes
The objective of threat modeling is to understand how an attacker might be able to compromise a system and then make sure appropriate mitigations are in place. Threat modeling forces the design team to consider mitigations as the system is designed rather than after a system is deployed.
Just another article on Cryptography, SSL and Digital Signature
by Dharmesh_Kemkar
Basics on Cryptography, SSL and Digital Signature
JWT Security Part 1 - Create Token
by Bart-Jan Brouwer
Learn how to create JWT and use with WebApi, REST and MVC all build with .NET Core
JWT Security Part 2, Secure REST Service
by Bart-Jan Brouwer
Learn how to create JWT and use with WebApi, REST and MVC All Build with .NET Core
JWT Security Part 3 - Secure MVC Application
by Bart-Jan Brouwer
Learn how to create JWT and use with WebApi, REST and MVC all build with .NET Core
KeePass Password Safe
by Dominik Reichl
KeePass is a free, open source, light-weight and easy-to-use password manager.
Kernel-Level Application Blacklisting with C++ and Windows
by Rahul Dev Tripathi
A comprehensive guide to developing and implementing kernel-level application - Blacklisting using C++ for enhanced system security.
Kubernetes Best Practices: Security
by Robert_Brennan
In this article let’s look at three common security challenges, and how to overcome them.
Manage security and redirection for non authorized access in MVC
by Yves Vaillancourt
How to apply security and redirection to a view when a user cannot access a controller or a controller action in MVC
Migrating a SQL Database with CLR Integration from Old SQL Server Versions
by Bruno van Dooren
Ways to deal with changed security for CLR code in SQL databases
Missteps in Securing Autonomous Vehicles
by Intel
It is important to institute optimal security capabilities as part of the design and core functions (Hardware, Firmware, OS/RTOS, software, endpoints, networks, etc.) to protect passengers and pedestrians from potentially catastrophic accidents resulting from digital compromises
Mule ESB + PGP: Pretty Good Privacy
by RajeshKumar D
Configuring PGP Encryption and Decryption part of MULE ESB
N - tier project with WCF OData service, Entity Framework, MVC3.0, Ninject DI, jSOn.net and Automapper
by Vijay Tanwar
N-Tier application with WCF Odata service and Entity Framework.
No need to Store, Encrypt or Memorize Passwords!
by Sergey Alexandrovich Kryukov
Generator of highly secure passwords based on cryptographic hash and master password, which should be memorized; no password storage is involved.
Overview of Azure Key Vault
by DataBytzAI
What is Azure Key Vault and where is it useful?
OWASP #6 Preventing Sensitive Data Exposure in ASP.NET – Part 1
by Max R McCarty
OWASP's #6 most vulnerable security risk has to do with keeping secrets secret.
OWASP #6 Preventing Sensitive Data Exposure in ASP.NET – Part 2
by Max R McCarty
How are you storing that sensitive application data and should you be?
Password Flows Middleware for Express-based Applications
by Ohad Redlich
authentication-flows-js is a powerful and highly customizable middleware for Node.js that covers all flows that any express-based authentication-server needs
Poor Man Web Monitoring Tools
by Bryian Tan
This article shares the idea on how to utilize free tools to download log files from server, upload IIS log files into the database, display the results and compare the baseline and production files.
Protecting .NET 4.+ Application By C++ [Unmanaged]
by The Ænema
Inject your 4.5 framework .NET application into a C++ unmanaged host application - fast, secure & without any extra tool or library.
Protecting Data Transfer in Documentum REST Services
by Peng Qiu
In this article, we will talk about what web security related configuration parameters help protect the transfer data in the REST API and how to configure them.
Protecting Electron Based Applications by Using a Native Bridge
by The Ænema
In this article, you will learn an easy way to protect your critical code logic in electron-based applications using a C++ native library.
Resilient High Availability VPN with Kill Switch in OpenWRT Routers
by hemanthk119
An algorithm and a set of scripts which work in a closed loop on an OpenWRT router that enable resilient and high availability VPN (openvpn) connection for all connected router clients
Reverse Engineering with OllyDbg
by Ajay K. Yadav
The objective of writing this paper is to manifest, how to crack an executable without peeping its source code by exercising OllyDbg tool.
Rogue Wave OpenLogic: A Review
by Chris_Riley
I recently spent some time with Rogue Wave OpenLogic product. OpenLogic is an “open source” component review tool.
Role Based Security Architecture Using .NET MVC & JS
by Tushar_Gupta
A custom security architecture for role based access to components in a page
Role Providers
by ASP.NET Community
Here are a few good tutorial articles that provide a good conceptual overview of how the new membership and role management system works. Check out
Row Level Data Security in Tableau - Part 1
by Imran Abdul Ghani
Step by Step Implementation of Row Level Data Security in Tableau
Salted Password Hashing - Doing it Right
by adriancs, Taylor Hornby
Securing Password by Hashing with Salt
Secure Authentication for Web Applications: Avoiding Password Storage to Mitigate Cybersecurity Risks
by Denny Boechat
The Importance of Secure Authentication in Web Applications and the Role of Identity Providers
Secure Spike Engine Websockets with TLS/SSL
by Kel_
Securing Spike Engine HTTP & Websockets with TLS/SSL layer.
Secure Spring Boot Web Application with Spring Security
by Han Bo Sun
In this article, I will show the reader how to secure a web application based on Spring Boot and WAR archive, using the Spring Security and Tags. The application will have a login page, page access based on user roles, login failure, and access denied pages.
securelocker: an httplite "pretty secure" file storage locker
by Michael Sydney Balloni
An exciting proof-of-concept that sews httplite with security components
SecurePHPWebAppCoding - Cross Site Scripting(XSS) - What is it and How to Stop It?
by Abani Kumar Meher
This article explains few scenarios where XSS attack can be done, how we make mistake while creating web application which leads to XSS vulnerability and what should be done to prevent XSS attacks.
SecurePHPWebAppCoding - SQL Injection - What is it and How to Stop It?
by Abani Kumar Meher
This article describes how we write code while developing web application which results in SQL injection vulnerability and how we should write code to prevent it.
Security Best Practices for Android 5.0
by Android on Intel
In this article, I will describe four best practices for Android device management.
Security Engineer Manifesto
by CdnSecurityEngineer
Security Engineer manifesto
Security Guidelines and Recommendations
by ASP.NET Community
There's a great deal of good prescriptive security guidance out there in the form of whitepapers and books.Whitepaperspatterns & practices
Security in Angular - Part 1
by Paul D. Sheriff
A technique for securing Angular 2/6 applications
Security in Angular - Part 2
by Paul D. Sheriff
Part 2 of how to add security to our Angular applications
Security Issues - Overview and Examples
by Paulo Zemek
Lately I am dealing a lot with security issues and, as I am thinking about security all the time, I decided to write this post. Yet, don't expect me to talk about the newest cases.So, first, what is considered a security issue?I don't have a perfect answer but maybe we can say that if anything in an
Self-Hosted Artificial Intelligence: Keeping Control of Your Data
by Chris Maunder
In this article we will explore how self-hosted AI, specifically CodeProject.AI Server, empowers businesses to leverage the power of AI while maintaining control over their data.
Selfhosted Secure WCF by Id password, custom validation
by Himanshu Thawait
No config file needed – all setting in code only, No IIS – Self hosted, consume by channel factory
Separating Features and Authorisation. Getting More Done and Improving Quality in the Middle Tier.
by Olubisi Akintunde
Application Managed Authorisation using Dependency Injection and Interception
Server error response vulnerability - HTTP 500
by Bryian Tan
Server error response vulnerability - HTTP 500
Simplified version of the DES (Data Encryption Standard) in C#
by Jubba Smail
Implementing a simplified version of the DES block cipher algorithm – which was the standard encryption algorithm before the AES, using C# to encrypt and decrypt binary files.
Solving Real-World Problems with Self-Hosted AI: Unleashing the Potential in Your Applications
by Chris Maunder
Discover the fundamentals of artificial intelligence (AI) and how it can revolutionize your business. Learn about the benefits, applications, and practical use cases to ignite your curiosity
SQL Injection Knowhow
by Arpit Dubey
This article explains SQL injection attacks, mitigation strategies, and factors to consider while testing.
SQL Server Brute Force Attack Detection: Part 1
by Ryan G Conrad
Prevent brute-force login attacks on a remotely accessible SQL Server database using T-SQL
SQL Server Brute Force Attack Detection: Part 2
by Ryan G Conrad
Additional logging and data collection
SQL Server Brute Force Attack Detection: Part 4
by Ryan G Conrad
Using Powershell and Windows Task Scheduler API to detect malicious login attempts on a remotely accessible SQL Server database
SQL Server Security
by ASP.NET Community
There's a lot of great information on SQL Server Security covering both SQL Server 2000 and 2005.Blogs/DevCentersSQL Server 2005 Security on
SSL Peer Verification
by All Time Programming
Verifying the Server Certificate on the client side using a CA file
SSL Verification for Android Applications
by All Time Programming
Perform SSL Verification while using Web Services
Swanky Encryption/Decryption in C#
by 1337Architect
Handy classes to use the .NET Encryption/Decryption
The Dark Side of the Internet of Things
by Intel
In the enthusiasm to embrace IoT technology, however, ongoing privacy issues and security threats are sometimes going unnoticed. These issues are gaining more attention, highlighting concerns that should be factored into planning, development projects, and broader IoT implementations.
The Secrets of Google Chrome Credentials
by Michael Haephrati
Chrome stores all passwords and other credentials in an encrypted database but guess what: they can be retrieved by anyone with the proper knowledge. This article will show you how.
The Secrets of Internet Explorer Credentials
by Michael Haephrati
Third of several articles covering the secrets of obtaining stored (and encrypted) credentials stored by browsers
Things I learned while implementing my first Level2 SecurityCritical assembly
by Ronald M. Martin
Reading between the lines of the .NET 4.0 Level 2 Security documentation
Thinktecture Identity Server - Configuration, Customization
by Azeet Chebrolu
Installing, extending Identity Server and implementing session token caching
Threat Modeling
by ASP.NET Community
It's absolutely necessary if you're serious about security.Whitepapers/Books/BlogsThreat Modeling for ASP.NET (PDF) - an excellent white
T-SQL reporting engine
by Levente Kupás
If you have big reports which run slowly, you may use this T-SQL based engine to speed-up them.
Tutorial: Enforcing Security and Compliance Policies in CloudFormation with Bridgecrew
by Mike Urbanski
In this article, we'll walk through the process of configuring Bridgecrew to scan a CloudFormation deployment, run the scans, find issues, and fix them.
Understanding Service Principal Names for SQL Server Integrated Security
by Bruno van Dooren
Basics of Service Principal names, and what they mean for SQL Server security
Understanding SQL Injection and Creating SQL Injection Proof ASP.NET Applications
by Rahul Rajat Singh
This article talk about what SQL injection is, how can that effect the security of our websites and what steps should be taken to create an ASP.NET application SQL injection proof.
Understanding, Using and Customizing ASP.NET Identity System for Authentication and Authorization
by Rahul Rajat Singh
In this article we will look into ASP.NET Identity System which comes as the default authentication and authorization mechanism with ASP.NET MVC 5 internet application template. We will try to understand the ASP.NET Identity system and compare it with the ASP.NET simple membership providor and the c
Validation & Security in MVC Application
by Passion4Code
Validation & security in MVC application
WCF REST 4.0 Authorization with Form Based Authentication (SetAuthCookie)
by Anupama Agarwal
How to create custom authorization policy and return HTTPContext Identity for authorization.
WCF Service with custom username password authentication
by Fayaz Soomro
This article describes custom username password authentication without the need of certificate installation on the client side.
WinForms - Using a custom principal with AspNetDb
by Dylan Morley
Describes how to use a custom principal implementation with the AspNetDb security database in a WinForms application.
XSRF with Web API and Angular
by ireiter
Using XSRF with Web API and Angular
YAPM (Yet Another Password Manager)
by Joe Dillon
This article describes the security techniques required to create a secure offline password manager and how the Libsodium library has been used to achieve this. YAPM stores passwords with AES encryption and authenticates users with an Argon2 hash.
ZedGraph in a C# web application in a Medium trust environment
by AS01234
Tutorial on using ZedGraph on a Medium trust web host, beginning to deployment.



Privacy
Cookies
Terms of Use
Last Updated 2 Jul 2025
Layout: fixed | fluid
Copyright © CodeProject, 1999-2025
All Rights Reserved.

Web01 2.8:2024-12-08:1