https://secprep.io 2026-06-01T14:09:55.657Z weekly 1 https://secprep.io/docs/api 2025-01-01T00:00:00.000Z monthly 0.5 https://secprep.io/privacy 2025-01-01T00:00:00.000Z yearly 0.3 https://secprep.io/terms 2025-01-01T00:00:00.000Z yearly 0.3 https://secprep.io/cards/what-is-stored-vs-reflected-xss 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/how-does-csrf-work-and-defenses 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/authentication-vs-authorization 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/what-is-ssrf 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/idor-bola-explained 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/how-to-store-passwords 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/oauth-vs-oidc 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/cors-misconfiguration 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/what-is-ssti 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/owasp-top-10-2021-categories 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/tls-handshake-steps 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/secure-cookie-attributes 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/jwt-alg-none-attack 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/hashing-vs-encryption 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/sql-injection-string-concat 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/missing-authorization-check 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/os-command-injection 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/fix-cors-wildcard-with-credentials 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/aws-creds-in-public-s3-bucket 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/three-tier-architecture-attack-surface 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/is-path-traversal 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/fix-jwt-alg-none 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/fix-path-traversal-node 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/third-party-script-xss 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/design-secure-file-upload 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/design-secrets-management 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/which-header-prevents-clickjacking 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/tls-forward-secrecy 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/race-condition-toctou 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/http-security-headers 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/xxe-vulnerable-xml-parser 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/insecure-deserialization-pickle 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/what-is-supply-chain-attack 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/threat-modeling-stride 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/secure-sdlc-phases 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/walk-through-a-vuln-you-found 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/disagree-with-dev-team-on-risk 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/prioritize-backlog-of-findings 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/explain-risk-to-non-technical-execs 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/build-an-appsec-program 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/influence-without-authority 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/a-time-you-were-wrong-about-risk 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/cors-preflight-requests 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/cors-vs-csrf 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/content-security-policy-basics 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/hsts-strict-transport-security 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/subresource-integrity-sri 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/x-content-type-options-purpose 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/what-is-xxe 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/defense-in-depth-principle 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/zero-trust-architecture 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/secure-cicd-pipeline 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/design-multitenant-isolation 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/design-b2b-sso 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/critical-cve-in-prod-dependency-mid-release 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/dev-pushed-aws-key-to-public-github 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/customer-reports-account-takeover 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/pentest-found-stored-xss-in-prod 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/suspicious-spike-in-failed-logins 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/design-rate-limiting-and-account-lockout 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/design-secure-session-management 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/design-audit-logging-detection-pipeline 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/design-secure-secrets-rotation 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/design-api-authentication-first-and-third-party 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/session-fixation-attack 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/oauth-pkce-and-implicit-flow 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/password-reset-flow-security 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/crypto-ecb-vs-cbc-gcm-pitfalls 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/open-redirect-vulnerability 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/graphql-security-risks 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/http-request-smuggling 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/clickjacking-frame-ancestors-csp 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/what-is-clickjacking-and-layered-defenses 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/frame-busting-limits-and-double-clickjacking 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/jwt-vs-server-side-sessions-revocation 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/open-redirect-code-review 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/mass-assignment-vulnerability 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/security-champions-program 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/appsec-program-metrics-kpis 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/paved-road-secure-by-default 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/shift-left-without-bottleneck 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/scaling-security-across-teams-you-dont-own 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/bug-bounty-vs-vdp-vs-pentest 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/security-requirements-abuse-cases-asvs 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/leading-org-wide-remediation-postmortem 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/design-vulnerability-management-slas 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/cvss-base-temporal-environmental-limits 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/sast-vs-dast-vs-sca-vs-iast 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/secure-code-review-methodology 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/threat-modeling-dfd-trust-boundaries-attack-trees 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/api-security-bola-vs-bfla 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/saml-security-signature-wrapping 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/prototype-pollution-javascript 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/imdsv1-vs-imdsv2-ssrf 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/sbom-sca-transitive-dependency-risk 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/secret-detection-and-rotation-on-leak 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/argon2id-vs-bcrypt-vs-scrypt 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/host-and-secure-cookie-prefixes 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/allowlist-vs-denylist-canonicalization 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/mtls-service-to-service-auth 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/file-upload-extension-trust-rce 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/design-security-champions-program 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/run-incident-response-tabletop 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/threat-modeling-as-a-service-at-scale 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/risk-acceptance-and-exception-governance 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/where-sca-runs-in-pipeline 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/waf-role-and-limitations 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/cost-of-fixing-bugs-shift-left-cloze 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/drive-remediation-across-teams-you-dont-own 2026-06-01T14:09:55.657Z monthly 0.7 https://secprep.io/cards/broken-object-property-level-authorization 2026-06-01T14:09:55.657Z monthly 0.7