Application Security

An executable file (exe file) contains an encoded sequence of instructions that the system can execute directly when the user clicks the file icon.

A file path traversal attack (also known as directory traversal) is a web security vulnerability that allows an attacker to access files and directories that are stored outside the web root folder.

Form field tampering (also known as form field manipulation) occurs when a hacker maliciously manipulates the form fields to change the data sent to a web server.

Formjacking is a type of cyber attack that occurs when hackers inject malicious JavaScript code into a webpage and take over the functionality of the site's form page, usually a payment form, to collect sensitive user information.

A function call injection attack consists of an insertion of a function name parameter from code running on the client-side to the application meaning that a successful injection can execute any built-in or user definted function.

JWT validation is the critical security process of verifying the integrity, authenticity, and validity of a JSON Web Token (JWT) before acting on its claims. It requires checking the signature using the issuer's public key (e.g., via JWKS), verifying standard claims.

A headless browser is a web browser without a user interface. Headless browsers perform all the normal functions of a web page, such as clicking links, navigating pages, downloading and uploading a document...

Heartbleed is caused by a vulnerability in OpenSSL cryptographic source code library. The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software.