Deep web layers
The deep web refers to the portion of the internet that is not indexed by search engines and is not accessible through standard web browsers. The deep web can be thought of as having several layers, each with its own characteristics and purpose.It can be thought of as having four layers: the surface web, the dark web, the invi... [...]
Read More
SQL Injection: types and impact on real world applications
SQL injection is a type of cyber attack in which an attacker injects malicious code into an application's SQL statements in an attempt to gain unauthorized access to or manipulate data in a database. SQL injection attacks can have serious consequences for real-world applications, as they can compromise the security and integ... [...]
Read More
Union-based SQL injection
Union-based SQL injection is a type of SQL injection attack that involves using the UNION operator in a SQL query to combine the results of two or more SELECT statements. This allows the attacker to access and manipulate data from multiple tables in the database.To perform a union-based SQL injection attack, the attacker mus... [...]
Read More
CRSF, cross site request forgery
Cross-Site Request Forgery (CSRF) is a type of cyber attack that involves tricking a user into making unintended actions on a website. These actions can include things like changing the user's password, transferring money, or deleting data. CSRF attacks are often executed by an attacker through the use of maliciously crafted... [...]
Read More
The Edward Snowden’case
Edward Snowden is a former U.S. government employee who leaked classified information about government surveillance programs to the media in 2013. His disclosures revealed a number of controversial programs, including the U.S. National Security Agency's (NSA) PRISM surveillance program and the U.S. Central Intelligence Agenc... [...]
Read More
OWASP top 10 2017
The OWASP Top 10 is a list of the most common web application security risks, as identified by the Open Web Application Security Project (OWASP). The list is intended to educate developers and security professionals about the most critical security risks facing web applications and provide guidance on how to prevent and mitigate... [...]
Read More SSRF, Server Side Request Forgery
Server-Side Request Forgery (SSRF) is a type of web application vulnerability that allows an attacker to send a malicious request from a vulnerable server to another server on behalf of the vulnerable server. This can allow the attacker to access resources that are not normally accessible to them, such as internal network resour... [...]
Read More
XSS: Cross-site scripting types and how they work
XSS is one of the most common security issues we have to worry about. It can be simple to prevent it but sometimes it's not. We must pay attention not only on our PHP code but even on HTML and Javascript ocde without forgetting old browsers. Some malicious users can use old version of Internet Explorer to explore the DOM and... [...]
Read More