As companies accept new digital technologies, the possibility of being targeted by cyber-attacks increases. Increasing network complication through digital innovation often makes unique network differences that cyber attackers can take advantage of. If…
Read more
The “HOST” header is part of the http protocol, vulnerable applications are vulnerable because they insert the value of this header into the application code without proper validation, this means not only applications…
Read more
In this article, we’ll be exploiting the HTTP PUT method vulnerability on one of the Metasploitable2 webserver through which you can easily upload any malicious file onto the server and can gain the…
Read more
If you’re using the HTTP protocol for surfing Internet, you usually use only using two of its methods i.e. GET and POST. However HTTP has a number of other methods like OPTIONS, TRACE,…
Read more
As seen from the previous articles, SQL injection has the ability to attack a web server database, compromise critical information, and expose the server and the database to a variety of malicious exploits;…
Read more
The most prominent components of web applications that intruders will first seek to exploit are vulnerabilities within the web platform. The web platform commonly includes: Web server software (such as IIS or Apache)….
Read more
The below questions and answers are designed to both measure your understanding of the concepts of XSS -Cross Site Scripting Attacks and Prevention. Q1: What is the difference between HTML Injection and XSS?…
Read more
Web Application Proxies like Burp Proxy, WebScarab or Tamper Data Addon allow a security tester to intercept the requests/responses between the client HTTP application and the web server. Proxies are the fundamental for…
Read more