Application Security Expert Ahsan.au
Research & Articles

Web Security

Posted in: Application Security, OWASP, Web Security

Broken Access Control: The Quiet, Persistent Threat Still Dominating the OWASP Top 10 in 2025

If there's one vulnerability category that refuses to fade, it's Broken Access Control. According to the OWASP Top 10 2025, Broken Access Control is once again one of the most recurring…
Posted by Ahsan Mohsin December 1, 2025
Posted in: Application Security, OWASP, Software Engineering

Why OWASP Top 10 (2025) Matters More Than Ever — A Practical Breakdown for Engineers

Introduction: The Relentless Race and the North Star. The digital landscape is a constantly evolving battleground. For every innovative stride forward, from microservices to serverless, there's a new, subtle vulnerability…
Posted by Ahsan Mohsin November 30, 2025
Posted in: Web Security, Application Security, Cloud Security

SSRF Vulnerability Explained: Attack Types, Real-World Examples & Prevention (2025 Edition)

Disclaimer: This article is for educational purposes only. Always ensure you have proper authorization before testing or exploring vulnerabilities. What is SSRF (Server-Side Request Forgery)? At its simplest, SSRF is when…
Posted by Ahsan Mohsin November 27, 2025
Posted in: Application Security (AppSec), Cybersecurity

Web Cache Deception: The Invisible Trap in Your URL

Introduction: Web Cache Deception (WCD) is a subtle yet powerful vulnerability that often goes unnoticed in modern web apps. Unlike flashy exploits, it requires no authentication bypass or injection —…
Posted by Ahsan Mohsin November 20, 2025

Ahsan Mohsin

Hello! I am Ahsan, a security builder and experimenter. I turn complex AppSec and automation problems into compact, useful products.
