Sunday, 20 September 2020

API Security Testing Checklist

 API should be checked for the following from a Security perspective:

1. Denial of Service Attack https://owasp.org/www-community/attacks/Denial_of_Service

2. OWASP A6- Security Misconfiguration https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html 

2. IP Access Control https://owasp-top-10-proactive-controls-2018.readthedocs.io/en/latest/c7-enforce-access-controls.html

3. MITRE CWE 250 Unnecessary Privileges - Basic Authentication

4. Ensure no direct access to database.

5. Access token authentication - e.g. OAuth* 2 with JWT for user authentication and authorization. 

5. API Key Generation & Validation - API providers should expose secure methods to provide authorization code or access tokens on demand.

Wednesday, 10 June 2020

How to connect Raspberry Pi Pico to a external temperature sensor(DHT11 or DHT22)

How to connect Raspberry Pi to DHT 11 / DHT 22   Connect your DHT11 sensor to the Pico accordingly -   Left pin (Signal) - GPIO Pin 22 (or a...