web security - Eduguru

Ethical Hacking IT Security Tutorial Web Hosting Website

Securing Web Server Software

May 18, 2020 Krishna Apply Vendor Patches, Attacking the Web Server, Choose Software with a Good Track Record, ETHICAL HACKING, hack, HACKING, Monitor for New Vulnerabilities, Perform Security Hardening, Securing Web Server Software, Use Defense-in-Depth, web security, web-app, web-site

To some extent, an organization deploying a third-party web server product is inevitably placing its fate in the hands of

Ethical Hacking IT Security Tutorial Web Hosting Website

Finding Web Server Flaws

May 18, 2020 Krishna Apache or Jetty, Attacking the Web Server, ETHICAL HACKING, Finding Web Server Flaws, hack, scanning tools, security, Software, VULNERABILITIES, web security, Web server, web server deployments, web-app, web-site

If you are lucky, the web server you are targeting may contain some of the actual vulnerabilities described in this

Ethical Hacking IT Security Tutorial Web Hosting Website

Encoding and Canonicalization Vulnerabilities

May 18, 2020 Krishna Allaire JRun Directory Listing Vulnerability, Encoding and Canonicalization Vulnerabilities, ETHICAL HACKING, hack, HACKING, IT- Security, Microsoft IIS Unicode Path Traversal Vulnerabilities, Oracle PL/SQL Exclusion List Bypasses, security, web security, web-app, web-site

Encoding flaws have arisen in many kinds of web server software and present an inherent threat in situations where the

IT Security linux Tutorial Web Hosting Website

Technical Challenges Faced by Vulnerability Scanners

May 16, 2020 Krishna A Web Application Hacker’s Toolkit, Authentication and Session Handling, Dangerous Effects, ETHICAL HACKING, Individuating Functionality, Other Challenges to Automation, security, Technical Challenges Faced by Scanners, Technical Challenges Faced by Vulnerability Scanners, Using a Vulnerability Scanner, web security, web-app, web-app-hack, web-site, web-site-hack

The barriers to automation described previously lead to a number of specific technical challenges that must be addressed in the

Tutorial Web Hosting Website

A Web Application Hacker’s Toolkit

May 13, 2020May 13, 2020 Krishna A Web Application Hacker’s Toolkit, Cookies, ETHICAL HACKING, Firefox, FoxyProxy, HACKING, HTML documents, http, HTTP Requests, Internet Explorer, Opera, scripts, security, Web Browsers, web security, web-app, web-site

Some attacks on web applications can be performed using only a standard web browser; however, the majority of them require

Tutorial Web Hosting Website

Local Privacy Attacks

May 13, 2020May 13, 2020 Krishna Attacking Other Users, Autocomplete, Browsing History, Cached Web Content, Local Privacy Attacks, Persistent Cookies, Preventing Local Privacy Attacks, web security, web-app, web-app-security

Many users access web applications from a shared environment in which an attacker may have direct access to the same

Tutorial Web Hosting Website

Attacking ActiveX Controls

May 13, 2020May 13, 2020 Krishna Attacking ActiveX Controls, Attacking Other Users, COMRaider showing the methods of an ActiveX control, ExecuteCommand, Finding ActiveX Vulnerabilities, html, Preventing ActiveX Vulnerabilities, security, web security, web-app, web-app-hack, web-site

ActiveX controls are of particular interest to an attacker who is targeting other users. When an application installs a control

Tutorial Web Hosting Website

JSON Hijacking

May 12, 2020 Krishna Attacking Other Users, Attacks against JSON, ETHICAL HACKING, Finding JSON Hijacking Vulnerabilities, Implementing a Callback Function, JSON, JSON Hijacking, Overriding the Array Constructor, Preventing JSON Hijacking, web security, web-app, web-app-hack, web-site

JSON hijacking is a special version of an XSRF attack, which in certain circumstances can violate the objectives of the

Tutorial Web Hosting Website

HTTP Header Injection

May 12, 2020 Krishna Attacking Other Users, Delivering Other Attacks, ETHICAL HACKING, Exploiting Header Injection Vulnerabilities, HTTP Header Injection, HTTP Response Splitting, Injecting Cookies, Input validation, Output validation, Preventing Header Injection Vulnerabilities, security, web security, web-app, web-app-hack, web-site

HTTP header injection vulnerabilities arise when user-controllable data is inserted in an unsafe manner into an HTTP header returned by

Tutorial Web Hosting Website

Attacking Other Users

May 12, 2020 Krishna Addition of an Absolute Prefix, Attacking Other Users, Blocking of Absolute URLs, Circumventing Obstacles to Attack, ETHICAL HACKING, Finding and Exploiting Redirection Vulnerabilities, Preventing Redirection Vulnerabilities, web security, web-app, web-site

The majority of interesting attacks against web applications involve targeting the server-side application itself. Many of these attacks do of course

← Previous