Website Security Articles [11]

  • Practical Applications of Directory Traversals

    Website Security
    Prerequisites: Throughout this paper, many scripting languages will be used to provide proof-of-concept and other examples for the benefit of the reader. A basic understanding of these languages is required in order to completely understand the concepts that are conveyed herein. In addition to... continue reading
  • Cookie-based SQL Injection

    Website Security
    Overview: What is a cookie? A cookie, also known as an HTTP cookie, web cookie, or browser cookie, is used by an origin website to send state information to a user’s browser and by the browser to return that state information to the origin site. The state information can be used for authentication,... continue reading
  • Practical Applications of Cross Site Scripting (XSS)

    Website Security
    Prerequisites: Throughout this paper, many scripting languages will be used to provide proof-of-concept and other examples for the benefit of the reader. A basic understanding of these languages is required in order to completely understand the concepts that are conveyed herein; that being said, a la... continue reading
  • Second Order SQL injections

    Website Security
    Introduction: There are a good number of SQL injections. One of the most difficult to detect and to exploit is Second Order SQLi. We can define First Order SQLi as the "classical" and more frequent vulnerability in which we edit a legit query with our own code in the same SQL statement i... continue reading
  • A Basic Introduction to Cross-Site Scripting (XSS)

    Website Security
    Cross Site Scripting (XSS) attacks occur when a website fails to properly prevent attackers from inserting malicious code into an area that takes user-provided data, such as form fields on a webpage, HTTP headers, URLs, etc. This code is then used to attack other users, rather than the actual website... continue reading