M0N73 CRIS70

I have been off from blogging for a while, this is because I partially stopped learning these stuffs. Now I thought I will begin again from the start as I found a new and Interesting website.Come join me as I walk though the tutorial provided by  Portswigger  . First we have to make an account, then go to the learn tab.There they provides XML external entity (XXE) injection SQL injection Cross-site scripting (XSS) OS command injection File path traversal (directory traversal) They are improving the courses.So lets start with sql injection. They have given a detailed material about it, even a video tutorial is provided What is SQL injection?  It is a web vulnerability which allows an attacker to use SQL commands to retrieve unauthenticated data , Get admin privilege and other harmful acts.  While we move along,There are vulnerability labs for testing what we have learned which is a very good feature.In blog lets try the first lab ...

Some topic for self Learning?? [+] Sql Injection Attack [+] Hibernate Query Language Injection [+] Direct OS Code Injection [+] XML Entity Injection [+] Broken Authentication and Session Management [+] Cross-Site Scripting (XSS) [+] Insecure Direct Object References [+] Security Misconfiguration [+] Sensitive Data Exposure [+] Missing Function Level Access Control [+] Cross-Site Request Forgery (CSRF) [+] Using Components with Known Vulnerabilities [+] Unvalidated Redirects and Forwards [+] Cross Site Scripting Attacks [+] Click Jacking Attacks [+] DNS Cache Poisoning [+] Symlinking – An Insider Attack [+] Cross Site Request Forgery Attacks [+] Remote Code Execution Attacks [+] Remote File inclusion [+] Local file inclusion [+] EverCookie [+] Denial oF Service Attack [+] Cookie Eviction [+] PHPwn [+] NAT Pinning [+] XSHM [+] MitM DNS Rebinding SSL/TLS Wildcards and XSS [+] Quick Proxy Detection [+] Improving HTTPS Side Channel Attacks [+] Side Chan...