Ketki's Blog on Web Security
Enter a key term, phrase, name or location to get a selection of only relevant news from all RSS channels.
Enter a domain's or RSS channel's URL to read their news in a convenient way and get a complete analytics on this RSS feed.
Is your Corporate Social Networking account secure?
In the past few months / years, we have read news stories about social accounts of large organizations being hacked on a regular basis. There are several...
Vulnerability Assessment v/s Penetration Testing
May a time we have seen people mixing up two independent types of testing, Vulnerability assessment and penetration testing. Both the testing techniques...
Null Sessions Anatomy
Windows has its own way of characterizing an anonymous user and this is through the process of the NULL session. The NULL sessions are the unauthenticated...
Directory Traversal Vulnerability
A directory traversal consists in exploiting insufficient security validation of user-supplied input file names, so that characters representing &ldquo...
Remote File Inclusion
Remote File Include (RFI) is an attack technique used to exploit “dynamic file include” mechanisms in web applications. When web applications...
Smartphones and Security
Many people remain unaware that smartphones face even greater security threats than home computers. Viruses, hacking and theft can put sensitive personal...
How secure is your smart phone? Checkout these tips to secure your smart phone
Many people remain unaware that smartphones face even greater security threats than home computers. Viruses, hacking and theft can put sensitive personal...
Stored XSS via File Upload
Stored Cross-Site Scripting (XSS) is one of the major flaw in Web Applications, and it is also one of the difficult form of Cross-Site Scripting to be...
CRLF Injection Attack
The term CRLF stands for Carriage Return (CR, ASCII 13, \r) Line Feed (LF, ASCII 10, \n). These are ACSII characters which display nothing on screen but...
A Guide to Better Password Practices
Let’s be honest, passwords are annoying. These days, we need a password almost everywhere and we can’t keep track of them all. We forget to...
Phishing, Vishing, Smishing
In today’s Internet world there are several ways for a thief to get you personal account information to use for fraudulent purposes. Some of the...
Unfortunately Ketki's Blog on Web Security has no news yet.
But you may check out related channels listed below.
Insecure Cryptographic Storage – OWASP Top 10 Vulnerability
[...] memory, overwrite it with random data, and use strong encryption to safeguard it Related Posts: OWASP Top Ten 2010 Web App Risks Insufficient Transport Layer Protection Broken Authentication – [...]
Cross-Site Request Forgery – OWASP Top 10 Vulnerability
[...] Cross-Site Request Forgery (CSRF) is an attack outlined in the OWASP Top 10 whereby a malicious website will send a request to a web application that a user is already [...]
Common Vulnerabilities in Configuration Files
[...] File Upload control, can be very harmful to your website Broken Authentication – OWASP Top 10 Vulnerability Cross-site scripting – OWASP Top 10 Vulnerability Don’t check &# [...]
Easy to Break, Easy to Plug – CAPTCHA Security
[...] here’s the vulnerable pseudocode: fixed psuedocode: Related Posts: Broken Authentication – OWASP Top 10 Vulnerability Is your password secure? Cross-Site Request Forgery – OWASP Top 10 [...]
Null Sessions Anatomy
[...] of characterizing an anonymous user and this is through the process of the NULL session. The NULL sessions are the unauthenticated sessions of the Server Message Block (SMB), which is the core network [...]
Remote File Inclusion
[...] an attack technique used to exploit “dynamic file include” mechanisms in web applications. When web applications take user input (URL, parameter value, etc.) and pass them into [...]
Failure to Restrict URL Access
[...] A common problem in web applications, failing to restrict URL access typically happens when a page doesn’t have the correct [...]
Stored XSS via File Upload
[...] Stored Cross-Site Scripting (XSS) is one of the major flaw in Web Applications, and it is also one of the difficult form of Cross-Site Scripting to be detected by [...]
Directory Traversal Vulnerability
[...] traversal attacks, directory climbing, and backtracking. Example of directory traversal: In web applications with dynamic pages, input is usually received from browsers through GET or POST request [...]
HTTP Response Splitting
[...] Vulnerability Cross-site scripting – OWASP Top 10 Vulnerability Programming an Unrestricted File Upload control, can be very harmful to your website Failure to Restrict URL Access [...]
Common Vulnerabilities in Configuration Files
[...] applications Related Posts: Tips to secure your computer or network Programming an Unrestricted File Upload control, can be very harmful to your website Broken Authentication – OWASP Top 10 [...]
Easy to Break, Easy to Plug – CAPTCHA Security
[...] ; OWASP Top 10 Vulnerability Insufficient Transport Layer Protection Programming an Unrestricted File Upload control, can be very harmful to your website [...]
Failure to Restrict URL Access
[...] Protection Cross-site scripting – OWASP Top 10 Vulnerability Programming an Unrestricted File Upload control, can be very harmful to your website [...]
Unvalidated Redirects and Forwards
[...] Reference Failure to Restrict URL Access Authorization Failure – OWASP Top 10 Vulnerability Cross-site scripting – OWASP Top 10 Vulnerability [...]
Common Vulnerabilities in Configuration Files
[...] , can be very harmful to your website Broken Authentication – OWASP Top 10 Vulnerability Cross-site scripting – OWASP Top 10 Vulnerability Don’t check “remember my password&# [...]
HTTP Response Splitting
[...] Redirects and Forwards Cross-Site Request Forgery – OWASP Top 10 Vulnerability Cross-site scripting – OWASP Top 10 Vulnerability Programming an Unrestricted File Upload [...]
Insecure Direct Object Reference
[...] Unvalidated Redirects and Forwards Insecure Cryptographic Storage – OWASP Top 10 Vulnerability Phishing, Vishing, Smishing [...]
Cross-Site Request Forgery – OWASP Top 10 Vulnerability
[...] Posts: OWASP Top Ten 2010 Web App Risks Authorization Failure – OWASP Top 10 Vulnerability Phishing, Vishing, Smishing HTTP Response Splitting Broken Authentication – OWASP Top 10 [...]
Remote File Inclusion
[...] is not executed using some wrapper, code in include files is executed in the context of the server user. This could lead to a complete system compromise. Running malicious code on clients: the [...]
Insecure Cryptographic Storage – OWASP Top 10 Vulnerability
[...] memory, overwrite it with random data, and use strong encryption to safeguard it Related Posts: OWASP Top Ten 2010 Web App Risks Insufficient Transport Layer Protection Broken Authentication – [...]
Cross-Site Request Forgery – OWASP Top 10 Vulnerability
[...] Cross-Site Request Forgery (CSRF) is an attack outlined in the OWASP Top 10 whereby a malicious website will send a request to a web application that a user is already [...]
Common Vulnerabilities in Configuration Files
[...] File Upload control, can be very harmful to your website Broken Authentication – OWASP Top 10 Vulnerability Cross-site scripting – OWASP Top 10 Vulnerability Don’t check &# [...]
Easy to Break, Easy to Plug – CAPTCHA Security
[...] here’s the vulnerable pseudocode: fixed psuedocode: Related Posts: Broken Authentication – OWASP Top 10 Vulnerability Is your password secure? Cross-Site Request Forgery – OWASP Top 10 [...]
Related channels
-
Piyush Malik » Web Security Blog
Personal Blog about Security Stuff. I Love what I do :)
-
India Techno Blog
Blogging | SEO | SMO | Tech Gadgets
-
Amfas Tech | Technology, Blogging & Internet Marketing
Read Tech Reviews, Computer and Online Security Tips, Learn Web & Software Development, SEO, Blogging and Internet Marke...