Cross-Site Request Forgery (CSRF) Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated. Cross-Site Scripting (XSS) Not to be confused with XML Stylesheets (same acronym), cross-site scripting, also known as XSS, is a web security vulnerability that allows an attacker to compromise the interactions that users have with a vulnerable application. Cross-site WebSocket hijacking (also known as cross-origin WebSocket hijacking) Cross-site WebSocket hijacking, also known as cross-origin WebSocket hijacking, involves a cross-site request forgery (CSRF) vulnerability on a WebSocket handshake. DAST (Dynamic Application Security Testing) Dynamic application security testing (DAST) is a process of testing an application or software product in an operating state. Data Breach A data breach, also known as a data spill or data leak, is an incident that involves the unauthorized or illegal viewing, access, or retrieval of data by an individual, application or service. Database Fingerprinting & Reconnaissance Database fingerprinting is the process of 'feeling out' a database using SQL to gather more information to be able to perform a more successful attack. Database Interrogation The process of using basic SQL injections and guesswork to find out information about a database (see Database Fingerprinting). Device Fingerprinting Device fingerprinting is a way to combine certain attributes of a device such as OS, browser version, browser language version, IP address to identify it as a unique device. Previous 1 2 3 4 5 6 ... Next 4 5 6
Cross-Site Request Forgery (CSRF) Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated.
Cross-Site Scripting (XSS) Not to be confused with XML Stylesheets (same acronym), cross-site scripting, also known as XSS, is a web security vulnerability that allows an attacker to compromise the interactions that users have with a vulnerable application.
Cross-site WebSocket hijacking (also known as cross-origin WebSocket hijacking) Cross-site WebSocket hijacking, also known as cross-origin WebSocket hijacking, involves a cross-site request forgery (CSRF) vulnerability on a WebSocket handshake.
DAST (Dynamic Application Security Testing) Dynamic application security testing (DAST) is a process of testing an application or software product in an operating state.
Data Breach A data breach, also known as a data spill or data leak, is an incident that involves the unauthorized or illegal viewing, access, or retrieval of data by an individual, application or service.
Database Fingerprinting & Reconnaissance Database fingerprinting is the process of 'feeling out' a database using SQL to gather more information to be able to perform a more successful attack.
Database Interrogation The process of using basic SQL injections and guesswork to find out information about a database (see Database Fingerprinting).
Device Fingerprinting Device fingerprinting is a way to combine certain attributes of a device such as OS, browser version, browser language version, IP address to identify it as a unique device.