SideChannel
Web Application Security
Latest Posts
Overview of vulnerabilities in the implementation of the OAuth protocol
By Thiago Duda Introduction to OAuth 2.0 OAuth (Open Authorization) is an authorization protocol that allows application...
Understanding the Edge Side Include Injection vulnerability
By Thiago Escobar The Edge Side Includes markup language allows a page to be created from fragments. These fragments are
XSSi: An overview of the vulnerability in 2024
By Henrique Curi de Miranda 1. Introduction Historically, Cross-Site Script Inclusion (XSSi) is a vulnerability that is...
Pickles, Shorts and Jokers: A study on Java deserialization
By Bernardo Melo Introduction When asked by some members of Tempest's Technical Consulting team which subject I would ch...
Web cache poisoning - a practical approach
By Rafael Carneiro Reis de Souza In this article we'll cover a bit about the vulnerability, Web cache poisoning. As
Cross-site Scripting (XSS), variants and correction
By Gabrielle Delgado Cross-site Scripting, also known as XSS, is a type of client-side code injection attack that exploi...
HTTP Method Override - what it is and how a pentester can use it
By Fernando Campanhã As already mentioned in other posts here at SideChannel (HENRIQUE, 2021; MORAIS, 2021; MULLER, 2021...
URL Filter Subversion
By Ricardo Henrique I would like to start this post with a brief introduction. I'm an intern at Tempest Consulting,
Common problems in bad implementations of business rules and absence of data validation - Part 1
By Felipe Azevedo This blogpost continues the saga of articles on problems in Web and/or mobile applications. Our goal i...