
Attacks are the techniques that attackers use to exploit the vulnerabilities in applications. Attacks are often confused with vulnerabilities, so please try to be sure that the attack you are describing is something that an attacker would do, rather than a weakness in an application.

Bharat Dwarkani shared on Jan 29, 2020
owasp.org

innerHTML is a JavaScript tag whose property is used for DOM manipulation. More specifically, it "sets or returns the HTML content (the inner HTML) of an element." Ordinarily, this property is used to examine the current HTML source of the page, including any changes that have been made since the page was initially loaded. But, it can also be used for Cross-site Scripting (XSS).

Bharat Dwarkani shared on Jan 26, 2020
dev.to

A JavaScript Polyglot is a Cross Site Scripting (XSS) vector that is executable within various injection contexts in its raw form, or a piece of code that can be executed in multiple contexts in the application. So, a JavaScript polyglot can be multiple things at once, like a JavaScript/JPEG

Bharat Dwarkani shared on Jan 26, 2020
dev.to

In the coding world, Hashing and Encryption are two processes that are often used interchangeably when talking about security of information. However, though they might be used interchangeably, they are two different processes that are used in different places, and it is important to note their differences to understand where to use them.

Bharat Dwarkani shared on Jan 26, 2020
dev.to

This post is part of the series 'Vulnerabilities'. Be sure to check out the rest of the blog posts of the series! Impersonation and security; SQL injections; How to prevent CSRF attacks; ASP MVC and XSRF; Cross-site scripting (XSS); ASP MVC: Mass Assignment; Regex - Deny of Service (ReDoS) (this post); Deserialization can be dangerous; Prevent Zip bombs in .NET

Bharat Dwarkani shared on Jan 22, 2020
meziantou.net

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics. These cheat sheets were created by various application security professionals who have expertise in specific topics.

Bharat Dwarkani shared on Jan 19, 2020
cheatsheetseries.owasp.org

In this course, you will learn the basics of Kali Linux. The course covers installation, using the terminal / command line, bash scripting, tools and features for ethical hacking, and more. The course focuses on Kali Linux but much of the content applies to other versions of Linux as well.

Bharat Dwarkani shared on Dec 15, 2019
youtube.com

Learn network penetration testing / ethical hacking in this full tutorial course for beginners. This course teaches everything you need to know to get started with ethical hacking and penetration testing. You will learn the practical skills necessary to work in the field. Throughout the course, we will develop our own Active Directory lab in Windows, make it vulnerable, hack it, and patch it.

Bharat Dwarkani shared on Dec 15, 2019
youtube.com

Isn’t it going to be nice if you can reach your pen-testing lab from all over the world? As we all know, this is a digital age that makes life easier than our expectations, thus anyone can access their information/data from the cloud. Similarly, a Pentester can design its pen-testing environment for the vulnerable machine on the cloud that can be accessed from anywhere.

Bharat Dwarkani shared on Dec 04, 2019
hackingarticles.in

Nowadays, people are worried about using the internet due to website security. Internet theft is increasing day by day. Users are trying to mislead the internet in recent years. So it is the developer’s responsibility to the internet well and we don’t want to make the way to malicious activities to take place in our own/undertaking applications.

Puthiya shared on Nov 20, 2019
rsagames.com