-
Merlican: Mermaid Diagrams for Pelican
Merlican is a Pelican plugin that enables Mermaid diagram support in your Markdown content. Write diagrams using standard Mermaid code blocks and have them rendered client-side in your generated site.
-
OWASP Top 10 (2021)
The OWASP Top 10 (2021) is a curated list of the most critical security risks to web applications. It’s not just for security teams - every developer should understand these risks. Below is a short summary of each, along with why or when it matters most.
-
OWASP #10 (2021) – Server-Side Request Forgery (SSRF)
SSRF happens when an attacker tricks a server into making a request on their behalf - often to internal systems not meant to be exposed.
-
OWASP #9 (2021) – Security Logging and Monitoring Failures
This category deals with how well your system can detect and respond to suspicious activity. Most breaches aren’t caught because of lack of alerts - they’re caught because something looked wrong, and someone was paying attention.
-
OWASP #8 (2021) – Software and Data Integrity Failures
This category focuses on trust - specifically, trusting the integrity of software, updates, and data.
-
OWASP #7 (2021) – Identification and Authentication Failures
This category used to be called “Broken Authentication.” It now covers all failures in how users are identified and authenticated.
-
OWASP #6 (2021) – Vulnerable and Outdated Components
Modern applications rely heavily on third-party libraries, frameworks, and packages. When these components are outdated or vulnerable, your app inherits their risks.
-
OWASP #5 (2021) – Security Misconfiguration
Security Misconfiguration happens when systems are deployed with insecure settings - or when default settings aren’t changed at all. This is one of the most common and avoidable issues.
-
OWASP #4 (2021) – Insecure Design
Insecure Design refers to flaws in how a system is planned, not just how it’s built. These aren’t coding bugs - they’re structural issues where security was never considered in the first place.
-
OWASP #3 (2021) – Injection
Injection happens when untrusted input is sent to a system interpreter (like SQL, shell, or HTML) without proper validation or escaping. This lets attackers modify commands and potentially take control.