forked from juice-shop/juice-shop
Pull requests: ZeroPathAI/juice-shop-demo
Implement login throttling and lockout mechanism to mitigate brute-force attacks on the authentication endpoint.
#1607 opened Aug 14, 2025 by zeropath-ai-dev (bot)
Add CAPTCHA verification to reset password handler to prevent automated reset attempts
#1606 opened Aug 14, 2025 by zeropath-ai-dev (bot)
Implement account lockout, delay, and failed attempt tracking on anonymous login to prevent brute-force attacks.
#1605 opened Aug 14, 2025 by zeropath-ai-dev (bot)
Implement login attempt throttling and account lockout to mitigate brute-force attacks on authentication endpoint.
#1604 opened Aug 14, 2025 by zeropath-ai-dev (bot)
Implement per-user failed login attempt tracking and account lockout in login() handler to mitigate brute force attacks.
#1603 opened Aug 14, 2025 by zeropath-ai-dev (bot)
Set dummy resetRequest cookie on password reset errors to prevent username/email enumeration (TypeScript).
#1602 opened Aug 14, 2025 by zeropath-ai-dev (bot)
Add CAPTCHA verification, rate limiting, and dummy resetRequest cookie to mitigate automation and username enumeration in security question handler.
#1601 opened Aug 14, 2025 by zeropath-ai-dev (bot)
Add password reset token verification to prevent unauthorized password changes in resetPassword route
#1600 opened Aug 14, 2025 by zeropath-ai-dev (bot)
Implement account lockout after repeated failed login attempts to mitigate brute-force attacks on the login endpoint.
#1599 opened Aug 14, 2025 by zeropath-ai-dev (bot)
Implement rate limiting on login endpoint to mitigate brute-force attacks and enforce throttling on failed authentication attempts.
#1598 opened Aug 14, 2025 by zeropath-ai-dev (bot)
Implement per-user failed login tracking and account lockout mechanism to prevent authentication brute-force attacks.
#1597 opened Aug 14, 2025 by zeropath-ai-dev (bot)
Fix improper lockout on password reset by tracking failed attempts and enforcing account lock after five incorrect answers in TypeScript handler.
#1596 opened Aug 14, 2025 by zeropath-ai-dev (bot)
Implement failed login attempt tracking and account lockout to mitigate brute-force authentication bypass.
#1595 opened Aug 14, 2025 by zeropath-ai-dev (bot)
Implement cryptographically secure password reset token generation, storage, verification, and expiration to enforce token-based password reset workflow.
#1593 opened Aug 14, 2025 by zeropath-ai-dev (bot)
Invalidate all user sessions and send password-change notification email after successful password update.
#1592 opened Aug 14, 2025 by zeropath-ai-dev (bot)
Implement failed login attempt tracking, account lockout, and exponential backoff delay in login handler to mitigate brute-force attacks.
#1591 opened Aug 14, 2025 by zeropath-ai-dev (bot)
Add account lockout after 5 consecutive failed security-answer attempts to prevent unlimited guessing
#1590 opened Aug 14, 2025 by zeropath-ai-dev (bot)
Add comprehensive security measures to /rest/user/reset-password including CAPTCHA verification, secure token checks, username enumeration prevention, account lockout, security questions, post-reset session termination, and user notification.
#1589 opened Aug 14, 2025 by zeropath-ai-dev (bot)
Add CAPTCHA verification to securityQuestion endpoint to prevent email enumeration attacks
#1588 opened Aug 14, 2025 by zeropath-ai-dev (bot)
Terminate user sessions and send password change notification after password update to enhance security.
#1587 opened Aug 14, 2025 by zeropath-ai-dev (bot)
Terminate existing sessions and send password change notification email after successful password reset to meet post-reset security requirements.
#1586 opened Aug 14, 2025 by zeropath-ai-dev (bot)
Fix username enumeration by setting dummy cookie and constant response timing on invalid password reset attempts
#1585 opened Aug 14, 2025 by zeropath-ai-dev (bot)
Add failed security answer attempt counter and automatic account lock after five consecutive failures in resetPassword route.
#1584 opened Aug 14, 2025 by zeropath-ai-dev (bot)
Implement login attempt tracking, exponential backoff, and account locking on failed authentication to mitigate brute-force attacks.
#1583 opened Aug 14, 2025 by zeropath-ai-dev (bot)