In Depth
In Depth: Graceful Encryption Key Rotation
[InDepth#25] Laravel makes effective use of encryption for security purposes, but what happens if your encryption key needs to be rotated? Let's see how…
Apr 3 • Stephen Rees-Carter
In Depth: Registration Without Enumeration!
[InDepth#24] It's time to answer the question: how do you build user registration and authentication without an enumeration vector?
Mar 3 • Stephen Rees-Carter
In Depth: Protecting Staging Sites!
[InDepth#23] Staging sites usually contain buggy code, debugging tools, and lower security than production, while also being a gateway into your…
Jan 30 • Stephen Rees-Carter
In Depth: Introducing Random
[InDepth#22] Random generates cryptographically secure random values in a range of different formats through a simple helper package for PHP.
Dec 31, 2023 • Stephen Rees-Carter
In Depth: Securing Apps on Forge
[InDepth#21] I've had this question many times, so let me take you through the steps I follow when provisioning and securing apps on Forge.
Nov 21, 2023 • Stephen Rees-Carter
In Depth: Adding Rehashing to Laravel
[InDepth#20] It turns out Laravel was missing an important piece of its Authentication system: password rehashing! Let's add that in and learn how the…
Oct 9, 2023 • Stephen Rees-Carter
In Depth: "Th1nk Lik3 a H4cker" Walkthrough (part 2)
[InDepth#19] It's time to finish up the "Th1nk Lik3 a H4cker" walkthrough, looking at the rest of the challenges and the final hack from Laracon US!
Aug 30, 2023 • Stephen Rees-Carter
In Depth: "Th1nk Lik3 a H4cker" Walkthrough (part 1)
[InDepth#18] Let's take a walk through the first half of my "Th1nk Lik3 a H4cker" talk from Laracon EU & US. We'll explore the vulnerabilities behind…
Jul 29, 2023 • Stephen Rees-Carter
In Depth: Storing Environment Variables Safely
[InDepth#17] Let's dive deep into the wonderful world of storing environment variables safely, looking at the different options Laravel supports and…
Jun 19, 2023 • Stephen Rees-Carter
In Depth: What Are Insecure Functions?
[InDepth#16] According to random folks on the internet (i.e. social media), "insecure functions" are a wide and varied concept. Let's take a look at the…
May 17, 2023 • Stephen Rees-Carter
In Depth: Mass-Assignment Vulnerabilities
[InDepth#15] There is a false confidence about mass-assignment vulnerabilities that hides how easy it is for them to occur and be exploited...
Apr 15, 2023 • Stephen Rees-Carter
In Depth: Securing Randomness Without Breaking Things
[InDepth#14] Cryptographically secure randomness is important, but so is backwards compatibility...
Mar 22, 2023