Blog

Research articles and blog posts from SecDim

This is excerpt from our experiment titled: Lessons Learned from a Public Experiment: Securing and Attacking LLM-Based Apps The following...

In my article on Technical analysis of Optus API security challenge - Three must to have API security controls I...

I have reviewed several solutions for our fix the flag contests, contributed by seasoned developers and prominent CTF players. What...

Tl;dr: Apps rely on untrusted parameter to perform size check. This can result into DoS attack. Stream Buffer Read is...

TL;DR: ChatGPT serves as a valuable tool by providing immediate information without the need for manual searches. It seems to...

Tl;dr : This article is analysis of over 50 submissions for a JavaScript integer overflow challenge. Many submissions did not...

Tl;dr : The input was not checked for out of range values. By enforcing size change on the data type,...

Tl;dr: Authentication alone could only hide API security weaknesses. Three security controls are required to address the root cause of...

Suppose the following function checks if a user can access a resource. What can go wrong? function checkAccess(User user, Resource...