web-app

Fingerprinting the Database

May 6, 2020 Krishna Fingerprinting the Database, HACKING, html, Injecting Code, Linux, MS-SQL, Oracle, security, web, web-app, web-app-hack, web-site-hack

Most of the techniques described so far are effective against all of the common database platforms, and any divergences have

Tutorial Web Hosting Website

The UNION Operator

May 6, 2020May 6, 2020 Krishna Injecting Code, The UNION Operator, web-app, web-app-hack, web-app-security, web-app-site, web-site

The UNION operator is used in SQL to combine the results of two or more SELECT statements into a single

Tutorial Web Hosting Website

Finding SQL Injection Bugs

May 6, 2020 Krishna DELETE Statements, Finding SQL Injection Bugs, Injecting Code, Injecting into Different Statement Types, INSERT Statements, Numeric Data, SELECT Statements, SQL, SQL statements, String Data, web-app, web-app-hack, web-hack, web-site

In the most obvious cases, a SQL injection flaw may be discovered and conclusively verified by supplying a single item

Tutorial Web Hosting Website

Injecting into SQL

May 6, 2020May 6, 2020 Krishna Bypassing a Login, Exploiting a Basic Vulnerability, http, Injecting Code, Injecting into SQL, Linux, PHP, SQL injection, web, web hacking, web-app, web-app-hack, web-site

Almost every web application employs a database to store the various kinds of information that it needs in order to

Tutorial Web Hosting Website

Injecting Code

May 5, 2020 Krishna attacker, code injection, command shell, HACKING, Injecting Code, Injecting into Interpreted Languages, interpreted language, ldap, Perl, PHP, shell scripting environment, SQL, VULNERABILITIES, vulnerable script, web application, web hacking, web-app, web-site

The topic of code injection is a huge one, encompassing dozens of different languages and environments, and a wide variety

Tutorial Web Hosting Website

A Multi-Layered Privilege Model

May 5, 2020 Krishna A Multi-Layered Privilege Model, Attacking Access Controls, Declarative control, Discretionary access control, HACKING, Programmatic control, Role-based access control, web-app, web-app-hacking, web-site, web-site hacking

Issues relating to access apply not only to the web application itself but also to the other infrastructure tiers which

Tutorial Web Hosting Website

Securing Access Controls

May 5, 2020 Krishna Access controls, application URL, Attacking Access Controls, ETHICAL HACKING, HACKING, HTTP Authentication, Securing Access Controls, Web application developers, web application security, web-app, web-app-hacking

Access controls are one of the easiest areas of web application security to understand, although a well-informed, thorough methodology must

Tutorial Web Hosting Website

Attacking Access Controls

May 5, 2020 Krishna Attacking Access Controls, web-app, web-app-hacking, web-hack, web-site

Before starting to probe the application to detect any actual access control vulnerabilities, you should take a moment to review

Tutorial Web Hosting Website

Attacking Access Controls

May 5, 2020 Krishna Attacking Access Controls, Completely Unprotected Functionality, ETHICAL HACKING, hack, Identifier-Based Functions, Insecure Access Control Methods, Multistage Functions, Static Files, web-app, web-app-hacking, web-site

Common Vulnerabilities Access controls can be divided into two broad categories: vertical and horizontal. Vertical access controls allow different types

Uncategorized

Securing Session Management

May 5, 2020 Krishna Attacking Session Management, ETHICAL HACKING, Generate Strong Tokens, HACKING, Per-Page Tokens, Protect Tokens throughout Their Lifecycle, Securing Session Management, web-app, web-site, wep-app-hacking

The defensive measures that web applications must take to prevent attacks on their session management mechanisms correspond to the two