Categories
Security

What is a vulnerability?

In computer security, the term “vulnerability” refers to a loophole in a system through which a hacker can gain access or steal confidential information.

A vulnerability is also described as a weakness in a computer system that results from inefficient and weak programming.

What is OWASP?

OWASP stands for “Open Web Application Security Project”.

It is an international non-profit organization dedicated to making the security of web applications more effective and impenetrable.

This organization provides videos, documents, tools and forums which are freely accessible.

What is an exploit?

An exploit is an attack on a computer system which takes place by exploiting a vulnerability that is present in a system or a network.

The term also refers to a piece of code written only for the purpose of breaking into a system by using a vulnerability.

Code Security – Cross-site scripting attacks

Cross-site scripting (XSS) is a web application loophole which allows an attacker (hacker) to inject malicious code into the web application by adding new code that is not part of the original application.

How does it work?

When a user runs that application, the website loads with the malicious code in it, which can steal information from the user.

Web-Application – A thread:

Imagine a web application that you use on a regular basis. There are two ends of an application:

  1. User end: Application end where the user logs in.
  2. Server end: Application end where all the code is generated.

How does a hacker exploit XSS?

A hacker takes advantage of this vulnerability and injects his code into the web application.
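
The injection described above, next to the usual defense of encoding user input before it is placed in the page. This is an added example, not code from the original post; the function names and the sample comment are constructed for illustration.

```javascript
// Vulnerable: user-supplied text is concatenated into the page as markup,
// so any tags it contains become part of the application's HTML.
function renderCommentUnsafe(author, text) {
  return `<div class="comment"><b>${author}</b>: ${text}</div>`;
}

// Encode the characters that let text break out of HTML text
// or a quoted attribute value.
const HTML_ESCAPES = {
  '&': '&amp;',
  '<': '&lt;',
  '>': '&gt;',
  '"': '&quot;',
  "'": '&#39;',
};

function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Hardened: every user-controlled value is encoded on output,
// so the browser displays it as text instead of parsing it as code.
function renderCommentSafe(author, text) {
  return `<div class="comment"><b>${escapeHtml(author)}</b>: ${escapeHtml(text)}</div>`;
}

// Demonstration helper: list the opening tags present in a rendered fragment.
function tagNames(html) {
  return [...html.matchAll(/<\s*([a-zA-Z][a-zA-Z0-9]*)/g)].map((m) => m[1].toLowerCase());
}

// Constructed sample input: a "comment" that carries its own script element.
const sample = '<script>document.title = "injected"</script>';

console.log(tagNames(renderCommentUnsafe('visitor', sample))); // includes "script"
console.log(tagNames(renderCommentSafe('visitor', sample)));   // only the app's own tags
console.log(renderCommentSafe('visitor', sample));
```

This encoding covers HTML text and quoted attribute values; input placed inside a script block, a URL or a style needs the encoding for that context.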