Directory traversal, also known as path traversal, is a type of vulnerability that allows an attacker to access files and directories that are outside of the intended directory structure. This can
CSRF(Cross-Site Request Forgery) Understanding CSRF. CSRF attacks occur when a malicious actor tricks an authenticated user into unknowingly performing actions on a web application that they are
CSRF: Verify token presence on necessary forms (Create, Update, Delete)
Check server-side token length validation
Ensure server checks for token parameter
Test server response to empty parameter and
A list of various DNS (Domain Name System) tools that serve different purposes: nslookup: A command-line tool available on most operating systems for querying DNS to obtain domain name or IP address
Cross-Site Scripting (XSS) Reflected XSS: Look for parameters and user inputs that are reflected back in the page without proper encoding.
Use fuzzing with a list of XSS payloads to test how inputs
10 takeaways from the Equifax breach: Massive Data Breach: The Equifax breach, which occurred in 2017, was one of the most significant data breaches in history, surpassing in scale and impact many
Prototype Pollution Prototype pollution is a serious vulnerability that can affect web applications, leading to potentially devastating consequences, Let's dive in. What is Prototype