Injection Flaws/ Attack

This post is part of a multi-post series on web application security threats and their solutions. Please visit my introduction article here to learn about more security threats and their solutions. Introduction: Injection flaws allow attackers to relay malicious code through a web application to another system. These attacks include calls to the operating system via system calls, use of external programs via shell commands, …

Cross Site Scripting (XSS) Attack

Introduction: This post is part of a multi-post series on web application security threats and their solutions. Please visit my introduction article here to learn about more security threats and their solutions. This type of attack enables attackers to inject client-side script into web pages viewed by other users. XSS flaws occur whenever an application takes untrusted data and sends it to a web browser …

Security implementation in Web applications

Introduction: After working for many years in application development, both Windows and Web-based, one thing is clear: software development is not just writing logical code but also writing business logic in a secure way. As technology grows, so does the threat to information. Organizations are always in fear of data being stolen and misused by unauthorized people. This fear …

Click Jacking OR UI redress Attack

Introduction: This post is part of a multi-post series on application security threats and their solutions. Please visit my introduction article here to learn about more security threats and their solutions. In click-jacking, an attacker hijacks the user’s click. Click-jacking (also known as a “UI redress attack”) is when an attacker uses multiple transparent/opaque layers to trick a user into apparently clicking, dragging or typing into a …