Security Testing Procedure and Approaches
It is a type of software testing that checks whether the application or product is secured or not. Or Security testing is performed to...
top of page
Search
CSRF(Cross Site Request Forgery)
Cross site request forgery happens in authenticated session when the server is trust on the user. CSRF attack occurs when a malicious...
Cross Site Scripting Attack and Solution
XSS:- It doesn't need an authenticated session and can be exploited when the vulnerable website doesn't do the basic validation or...
Security Header
Below all headers are mitigating Cross-site scripting. Content Security Policy Header:- system.webServer> <httpProtocol> <customHeaders>...
Content security policy header
Currently, OWASP update the Header issue To protect against Cross-Site Scripting, set the 'default-src' policy, or 'script-src' AND...
Some more attribute to set in session and headers
Missing HTTP ONLY attribute in session cookie <session-config> <cookie-config> <http-only>true</http-only> </session-config>...
Difference between multiple security terms
Encoding Maintaining data usability Reversed data by employing same algorithm No secret key Encryption Maintaining data confidentiality...
Difference security terms
Phishing Steal the information It is a method of retrieval Phishing attack is use spoofing Steal the information Spoofing Download...
Union SQL Injection
In this attacker uses the UNION Statement for the attack which merges the two or more selected statement for retrieving the data from the...
Session Hijacking Attack and Prevention
Session Hijacking:- It is also known as TCP hijacking or cookie hijacking obtaining a session ID over the network. Once a session has...
bottom of page