LinkedIn Cross-Site-Scripting (XSS) & Content Spoofing Vulnerability
Couple of days back, I reported XSS and Content Spoofing on LinkedIn. Here are the details of the issues. Cross Site Scripting: What is Cross Site Scripting? […]
Category: Sql Injection
From SQL Injection To 0wnage Using SQLMap
SQL injection – one of the most critical vulnerabilities till now – is still included in the OWASP Top 10 list’s Injection flaws section. SQLMap […]
[Survey] Web Application Security – Getting Coders To Code Securely
Web Application security has become the biggest concern for almost all organizations who wish to bring their business to the Internet. There are various reasons […]
File Fuzzing Using Minifuzz
What is Fuzzing? Fuzz testing is a testing technique that provides malicious input to the application. Fuzz testing is crashes, assertion failures, and memory leaks […]
Identifying Security Flaws With Code Analysis Tool (CAT.NET)
Code Analysis Tool (CAT.NET) is a binary source code analysis tool that helps in identifying common security flaws in managed code. These vulnerabilities are listed […]
Logging in MySQL
Scope: This article demonstrates logging techniques in MySQL to uncover and analyze any mischief attempts done by (outside or inside) user focusing on specific areas […]
SQL Injection in Stored Procedure & Preventing from the same
Following is the small example of creating a stored procedure. ==================================================================== CREATE PROC sp_login (@loginid nvarchar(25),@password nvarchar(25)) AS DECLARE @SQLString VARCHAR(500) DECLARE @loginid VARCHAR(64) DECLARE […]