cross site request forgery

This article is about a simple CSRF vulnerability I found. I am going to discuss how I found it and share my POC. Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated. With a CSRF vulnerability, an attacker can force an authenticated victim to perform sensitive actions, such as editing account details, transferring money, etc., without their consent.

For the purpose of this article I am going to refer to the website I found the vulnerability on as redacted. I randomly chose to hack…


Two Factor Authentication

2FA (Two Factor Authentication) is an authentication protocol where access is only granted after providing two pieces of evidence to an authentication mechanism, typically a password and an OTP (One Time Token). To access an account protected with 2FA, you need both the password and a secret token; this serves as an extra layer of security. To successfully bypass 2FA means you can gain access to a 2FA-protected account without the 2FA code, using just the email and password.

This article series is going to be explaining some common vulnerabilities in 2FA implementation. …


cross site scripting

Quick Summary: In the last nine years, the most frequent vulnerability on websites all over the world has been XSS (Cross-Site Scripting), which makes up about 18% of all bugs found. An XSS vulnerability can have a critical impact on a website, so it is very important to learn how to protect your website from it. In this article I will explain in detail how XSS vulnerabilities occur, the various types, and how best to protect against them.

Cross Site Scripting (XSS) vulnerabilities are a type of injection attack where malicious scripts are injected into a website. It enables attackers…


data structures and algorithms

A lot of new developers have a problem when it comes to learning data structures and algorithms. This problem mainly arises from the fact that data structures and algorithms are more technical than basic HTML/CSS. Before proceeding, I think it will be beneficial to first understand what data structures and algorithms are.

What Is a Data Structure?

According to Wikipedia:

A data structure is a data organization and storage format that enables efficient access and modification. A data structure is a collection of data values, the relationships among them, and the functions or operations that can be applied to the data.

What Is an Algorithm?

According to Wikipedia:

An…


If you are active in the tech industry, you must have heard of the term Serverless. Is it actually server-less? What exactly does serverless computing mean? In this article I will be explaining serverless computing, and we will see if serverless computing is actually server-less.

aws lambda azure functions cloud functions

What is Serverless Computing

Serverless computing (or serverless for short) is an execution model where the cloud provider (AWS, Azure, or Google Cloud) is responsible for executing a piece of code by dynamically allocating the resources, and only charges for the amount of resources used to run the code. The code is typically run inside stateless containers that…


According to the Stack Overflow 2019 developer survey, JavaScript is the most commonly used programming language for the 7th year in a row. The reason for the popularity of JavaScript is simple: JavaScript runs everywhere. JavaScript is the only language that allows you to build web applications, APIs, mobile applications, and desktop apps.

stackoverflow developer survey — 2019

JavaScript is a great language. It has a simple syntax, large ecosystem and, what is most important, a great community. At the same time, JavaScript is quite a funny language with tricky parts. …


html tags

As a web developer you are expected to be fluent in many languages and frameworks. It is literally impossible to learn everything a language has to offer, and it is easy to find yourself not utilizing the full potential of the language. Most programming languages have functionalities that are not commonly explored by developers.

HTML is usually the first language most web developers learn, but it’s very rare that you learn all the available tags; we mostly stick to the most commonly used ones. Today I will be looking at some obscure but very useful HTML tags. …


Conditionals are part of the basics of every programming language. Conditionals are expressions that evaluate to either true or false. They are mostly used to determine program flow. Oftentimes you will need to perform a particular action if a statement evaluates to true and another if it evaluates to false. To perform these actions we use conditionals.

NOTE: I am using JavaScript for the code snippets.

There are three common ways to use conditionals

  1. If-else statements
  2. Ternary operator
  3. Switch-Case

If-Else Statements

The if/else statement executes a block of code if a specified condition is true. …


In this article I am going to be explaining the basics of Node.js and creating a Node.js server in just 7 lines of code, so let's get started.

Nodejs

What is Node.js? Node.js is an open-source, cross-platform JavaScript run-time environment that executes JavaScript code outside of a browser. Node.js helps us to run JavaScript code on the server. With Node.js you can use JavaScript for the back-end of your websites and web apps in place of other back-end languages like PHP. Node.js represents a “JavaScript everywhere” paradigm, unifying web application development around a single programming language, rather than different languages for…


adeyefa toba — portfolio

Choosing a platform to host your website is one of the most important decisions you will have to make when building a website. There are many options for hosting your website, like shared hosting, VPS and cloud hosting. A good hosting platform allows you to deploy your web application easily, ensures maximum uptime and allows you to manage your website without stress.

I have been postponing redoing my portfolio site for a while now, partly because I was conflicted on where to host it. Then I came across Sarah Drasner's tweet about redoing her site on Netlify, bingo i…

Adeyefa Oluwatoba

Full Stack web developer. I love learning new things, open to new opportunities and experiences.
