Ketki's Blog on Web Security

[...] memory, overwrite it with random data, and use strong encryption to safeguard it Related Posts: OWASP Top Ten 2010 Web App Risks Insufficient Transport Layer Protection Broken Authentication – [...]

[...] Cross-Site Request Forgery (CSRF) is an attack outlined in the OWASP Top 10 whereby a malicious website will send a request to a web application that a user is already [...]

[...] File Upload control, can be very harmful to your website Broken Authentication – OWASP Top 10 Vulnerability Cross-site scripting – OWASP Top 10 Vulnerability Don’t check &# [...]

[...] here’s the vulnerable pseudocode: fixed psuedocode: Related Posts: Broken Authentication – OWASP Top 10 Vulnerability Is your password secure? Cross-Site Request Forgery – OWASP Top 10 [...]

[...] of characterizing an anonymous user and this is through the process of the NULL session. The NULL sessions are the unauthenticated sessions of the Server Message Block (SMB), which is the core network [...]

[...] an attack technique used to exploit “dynamic file include” mechanisms in web applications. When web applications take user input (URL, parameter value, etc.) and pass them into [...]

[...] A common problem in web applications, failing to restrict URL access typically happens when a page doesn’t have the correct [...]

[...] Stored Cross-Site Scripting (XSS) is one of the major flaw in Web Applications, and it is also one of the difficult form of Cross-Site Scripting to be detected by [...]

[...] traversal attacks, directory climbing, and backtracking. Example of directory traversal: In web applications with dynamic pages, input is usually received from browsers through GET or POST request [...]

[...] Vulnerability Cross-site scripting – OWASP Top 10 Vulnerability Programming an Unrestricted File Upload control, can be very harmful to your website Failure to Restrict URL Access [...]

[...] applications Related Posts: Tips to secure your computer or network Programming an Unrestricted File Upload control, can be very harmful to your website Broken Authentication – OWASP Top 10 [...]

[...] ; OWASP Top 10 Vulnerability Insufficient Transport Layer Protection Programming an Unrestricted File Upload control, can be very harmful to your website [...]

[...] Protection Cross-site scripting – OWASP Top 10 Vulnerability Programming an Unrestricted File Upload control, can be very harmful to your website [...]

[...] Reference Failure to Restrict URL Access Authorization Failure – OWASP Top 10 Vulnerability Cross-site scripting – OWASP Top 10 Vulnerability [...]

[...] , can be very harmful to your website Broken Authentication – OWASP Top 10 Vulnerability Cross-site scripting – OWASP Top 10 Vulnerability Don’t check “remember my password&# [...]

[...] Redirects and Forwards Cross-Site Request Forgery – OWASP Top 10 Vulnerability Cross-site scripting – OWASP Top 10 Vulnerability Programming an Unrestricted File Upload [...]

[...] Unvalidated Redirects and Forwards Insecure Cryptographic Storage – OWASP Top 10 Vulnerability Phishing, Vishing, Smishing [...]

[...] Posts: OWASP Top Ten 2010 Web App Risks Authorization Failure – OWASP Top 10 Vulnerability Phishing, Vishing, Smishing HTTP Response Splitting Broken Authentication – OWASP Top 10 [...]

[...] is not executed using some wrapper, code in include files is executed in the context of the server user. This could lead to a complete system compromise. Running malicious code on clients: the [...]