Security — Responsible Disclosure
We take security seriously.
Contact
Scope
- medova.health
- API routes at medova.health
- Next.js
- Supabase REST API
Out of scope
- Hetzner
- External services
- DoS/DDoS
- Social engineering
- Physical security
Rules
- Do not damage data
- Do not attack availability
- Do not access other people's accounts
- Test only on your own account
- Report before publishing
What we are looking for
- SQL Injection, XSS, CSRF
- Auth bypass
- IDOR
- API keys
- CORS
- Rate limiting
- Open redirects
Rewards
We offer:
- Hall of Fame
- LinkedIn recommendation
- Portfolio reference
- Video call
- Long-term recognition
Process
- Submit a report
- Acknowledgement within 48 hours
- Assessment within 7 days
- Fix within 30 days
- Hall of Fame after the fix
Classification
| Level | Example |
|---|---|
| Critical | RCE, auth bypass |
| High | IDOR |
| Medium | XSS |
| Low | Headers |
Security infrastructure
- 858+ RLS
- CSP
- HSTS
- Rate limiting
- ISO 27001
- GDPR
Hall of Fame
Be the first. Report a vulnerability.
