Reddit web app security. 1,725,073 likes · 105,945 talking about this.

Reddit web app security A community dedicated to all things web development: both front-end and back-end. I have built some web apps for my personal usage on a VPS and the back-end is n8n (automation via API & webhooks). AI-powered content moderation: Reddit uses AI-powered detection tools to scan posts and comments for Hi folks! I've spent the last couple of years writing a book about application security specifically targeted at web developers. Explore its pros and cons, company stats, pricing and competitors. Your go-to place for Reddit updates, announcements, and news… Sep 30, 2025 · Reddit is home to thousands of communities, endless conversation, and authentic human connection. The heart of the internet, where millions gather for conversation and community. Most resources you find on appsec are going to focus on web because just about everything will have a web component in some fashion. Reddit is a social network with something for everyone: trending topics, diverse discussions, and engaging communities and comment threads. I know it's not ideal but for my personal use, it's enough. Learning about Web App Security I'm trying to learn more about web app security and principles. 1,725,073 likes · 105,945 talking about this. Redditors have authentic and interesting conversations around all sorts of curated content. Web application hackers handbook, Owasp testing guide, Unix system admin handbook, Network security assessment, The hacker playbooks, The tangled web. Where can I find beginner friendly resources for it? More complex resources are appreciated too. Reddit is the most diverse place on the web, where people from all over the world come together to share passions, ideas and experiences, creating Jul 19, 2024 · Reddit is the heart of the internet, where millions of people get together to talk about any topic imaginable. When you are learning web app (really any app) pentesting it is important to understand how the app works to find vulnerabilities. r/reddit: The most official Reddit community of all official Reddit communities. I'm wondering about the security of the source code, I know it is obfuscated, but is it enough to prevent someone with the appropriate knowledge from copying my application? Everything possible is transferred to the back-end, and no secrets are stored in the code, I also use Firebase Auth. Share, vote, and decide what matters in everything from breaking news, to fandoms, lifehacks, gaming, sports, health, and the internet’s cutest animals. Registered users (commonly referred to as "redditors") submit content to the site such as links, text posts, images, and videos, which are then voted up or down ("upvoted" or "downvoted") by other members. As applications and services move to the web, avoiding web vulnerabilities such as XSS and CSRF becomes critical. But I want to learn all there's to know about that to implement it in my web projects. Which type of application security are you interested in? Web, mobile, system applications? I'd recommend reading Alice and Bob Learn Application Security, then Agile Application Security, read blogs on WeHackPurple and HellaSecure. A web app is a software application that is accessed through a web browser, such as Google Chrome or Mozilla Firefox. Reddit is a forum-style social media platform where users—known as Redditors—share content, ask questions, and engage in discussions within niche communities called subreddits. Whether you're into breaking news, sports, TV fan theories, or a never-ending stream of the internet's cutest animals, there's a community on Reddit for you. The most popular ones include AppScan, Netsparker, and Acunetix, which are all automated web application security scanners. What it does, what it doesn't do, what features are available, etc. Since this a subject… Hello, I write web applications in Flutter. Reddit. I want to learn the optimal ways for securing a web application as a developer, preventing things like XSS and SQL injection. Welcome to Reddit, the heart of the internet. Jan 13, 2025 · Reddit is a social platform where users share and discuss content in niche communities. I was a dev before getting into AppSec. 6 days ago · The OWASP Top 10:2025 highlights evolving web security risks and the need for proactive, resilient software defenses. After I have a good understanding of how the application is supposed to work I'll hypothesize that it has certain vulnerabilities. If you mean something more akin to appsec, OSWE while technically being white-box pentesting, is probably the go-to. net/web-security is a great (and free) resource to gain experience in web application penetration testing. Reddit is a network of communities where people can dive into their interests, hobbies and passions. It all depends on what exactly you mean by "Web Application Security Training". This includes building secure web applications, testing the security of web applications, and anything else related. My question is what are some common security practices I should implement so I can secure my web app better? I am aware that I'm not a professional but I think 335 votes, 43 comments. While it's exciting to see the promises of 'enhanced user experience and better remote access' , it's essential for us to consider potential security risks that might come with it. These scanners can detect common vulnerabilities and security flaws in web applications, as well as provide detailed reports. e not only related to web app but equally mobile and desktop apps. My general approach is to use the application for a while and figure out how to use it. Google Web Risk: This security integration helps Reddit stay free from malicious links. If you mean pentesting web apps, eWPT is great in my opinion. How involved, AppSec is the security of software, so you work in all stages of the SDLC, training to monitoring your app in prod. /r/frontend is a subreddit for front end web developers who want to move the web forward or want to learn how. Just throwing everything at every input is a waste of time Reddit is a network of communities where people can dive into their interests, hobbies and passions. Of the top of my head Desktop apps will give you:- More memory and computing power since Webapps are single threaded (cannot run multiple processes simultaneously) - Offline access (can be achieved in webapps too but it's inherent in desktop apps) - Better security and backwards compatibility (An older version of your app will always work on the same OS) Webapps have a lot of advantages too For quick wins/vulnerability assessment on internal and external tests we use Nessus and we also tried it out a couple years back for web testing but the web application scanner felt very lackluster compared to the rest. Nov 3, 2025 · We would like to show you a description here but the site won’t allow us. If you're looking to find or share the latest and greatest tips, links, thoughts, and discussions on the world of front web development, this is the place to do it. When users post or click external links, Reddit checks them against Google’s constantly updated database of unsafe websites. Join the Application Security community on Reddit and connect with like-minded people working in or learning about AppSec. There are various difficulties of labs and training to support the labs. Web apps are typically built using a combination of HTML, CSS, and JavaScript, and they can be accessed from any device with an internet connection. That would be a good start. About community websecurity: building and maintaining secure websites Links and discussion on the development and maintenance of secure websites, for website owners, developers and pentesters. It allows me to use an https://portswigger. What are some recommended courses to take or books to read to be more knowledgeable on the topic? I was wondering if there are any trainings/courses or certifications related to application security in general, i. trueI like this structure for learning. . For more design-related questions, try /r/web_design. Beyond that, learn to use: developer tools in your browser a packet analyzer curl any language to scrape web pages programmatically Using these tools on a daily basis will help you familiarize yourself with and better understand what happens behind the scenes whenever you access a web application. We would like to show you a description here but the site won’t allow us. Pentesterlab also has a lot of stuff for web apps. It has profile picture upload, so maybe it's vulnerable to arbitrary file upload. We have came across several options like Cloudflare, F5 On-Premises, F5 Cloud and Imperva If anyone has experience with these or any other WAF Reddit is a network of communities where people can dive into their interests, hobbies and passions. Share news about OWASP, news that has to do with AppSec (breaches, new open-source tools) and anything educational for developers, students and anyone that wants to learn more about AppSec! I am wanting to learn more about application security. Reddit (/ ˈrɛdɪt / ⓘ RED-it, formerly styled reddit) is an American proprietary social news aggregation and forum social media platform. Does anyone have suggested articles, books, or videos to become more familiar with concepts like authentication, protecting data, encryption, and preventing security threats? Hi Everyone, We are looking for a WAF solution for our organization and the main features we are looking for include but limited to L7 DDoS protection, Web Application Security, Protection against Web Application Vulnerabilities, Botnet Protection etc. I wanted to raise my concerns about the security aspects of the new Sonos web app. Check out more here. This subreddit was created to supplement the more general netsec sub. Recommendations to transition into appsec? Are most application security jobs geared towards web applications rather than mobile apps? More specific but how can someone who works as a mobile app pentester utilize their skillset to transition over to appsec? Resources? I know that WeHackPurple is a good resource along with the book. Hi, I'm very new to web applications and I'm still learning. A community for Application Security discussion such as OWASP Top 10, new CVEs related to code, best secure coding practices, and more. May 12, 2025 · Here are some of the tools used to boost Reddit security. There is nothing that turns me off more than a web tester who doesn’t know programming/how web apps work and just know the vulnerabilities. About Community This is a subreddit focused on web application security. In no particular order. What free apps or websites can you recommend for doing website security/vulnerability scanning? If not free, very inexpensive? Of course, building JS apps, I have learned the fundamentals of security, like passwords and tokens, permissions and access control, HTTPS, sanitizing user input to prevent SQL injections and XSS, etc. There's a community for whatever you're interested in on Reddit. zif z1k2 panmsr8 7kj eij w8s esq yifih pfi0x7n udwwav