HTTP Response Splitting (CRLF injection) HTTP Response Splitting refers to an attacker’s ability to send a single HTTP request that forces the web server to form an output stream, which is then interpreted by the target as two HTTP responses instead of one response. Identification and Authentication Failures: Risks & Defenses Identification and authentication failures are security vulnerabilities where systems fail to verify user identities, leading to unauthorized access. These failures can stem from weak password policies, poor session management, or a lack of multi-factor authentication (MFA). iFrame Injection XSS An iframe is a HTML webpage that is embedded inside another webpage on a website, allowing for the inclusion of content from external sources, such as advertising, on webpages. Insecure Application Design Insecure Application Design refers to the risks related to missing or ineffective design controls and architectural flaws in application development. Insufficient Logging and Monitoring Insufficient logging and monitoring refers to a security event not being correctly detected, logged and monitored to ensure adequate and timely response to the incident or breach. IP reputation An IP address with a strong history of non-malicious activity, for example, that has never been associated with malicious behaviour or malware... JavaScript Challenge JavaScript Challenge is a method that is used in DDoS mitigation to filter out requests that are characteristic of a botnet or other malicious computer. jQuery Injection jQuery is a small, fast, feature-rich JavaScript library ('write less, do more') commonly used in web applications. jQuery takes a lot of common tasks that require many lines of JavaScript ... Previous ... 7 8 9 10 11 12 ... Next 7 8 9
HTTP Response Splitting (CRLF injection) HTTP Response Splitting refers to an attacker’s ability to send a single HTTP request that forces the web server to form an output stream, which is then interpreted by the target as two HTTP responses instead of one response.
Identification and Authentication Failures: Risks & Defenses Identification and authentication failures are security vulnerabilities where systems fail to verify user identities, leading to unauthorized access. These failures can stem from weak password policies, poor session management, or a lack of multi-factor authentication (MFA).
iFrame Injection XSS An iframe is a HTML webpage that is embedded inside another webpage on a website, allowing for the inclusion of content from external sources, such as advertising, on webpages.
Insecure Application Design Insecure Application Design refers to the risks related to missing or ineffective design controls and architectural flaws in application development.
Insufficient Logging and Monitoring Insufficient logging and monitoring refers to a security event not being correctly detected, logged and monitored to ensure adequate and timely response to the incident or breach.
IP reputation An IP address with a strong history of non-malicious activity, for example, that has never been associated with malicious behaviour or malware...
JavaScript Challenge JavaScript Challenge is a method that is used in DDoS mitigation to filter out requests that are characteristic of a botnet or other malicious computer.
jQuery Injection jQuery is a small, fast, feature-rich JavaScript library ('write less, do more') commonly used in web applications. jQuery takes a lot of common tasks that require many lines of JavaScript ...