This free guide will teach you about:
- Cross site scripting attack
- SQL Injecton
- How to use Prorat software
Download Web Security Examples Free Guide
Subscribe to our email list . It’s free!
What Is Cross Site Scripting
Cross Site Scripting is a type of computer security vulnerability where malicious users can add carefully-constructed comments to webpages with the intention of fooling web browsers.
Cross site scripting flaws occur whenever an application takes untrusted¸data and sends it to a web browser without proper validation and escaping. Cross site scripting allows attackers to execute script in the victim’s browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites.
SQL Injection is subset of the an unverified/unsanitized user input vulnerability and the idea is to convince the application to run SQL code that was not intended.
Cross Site Request Forgery (CSRF)
Cross Site Request Forgery works by exploiting the trust that a site has for the user. Site tasks are usually linked to specific urls
(Example: http://hackspc.com/sellpage?money=1000&count=145689782562) allowing specific actions to be performed when requested.
If a user is logged into the site and an attacker tricks their browser into making a request to one of these task urls,
then the task is performed and logged as the logged in user. Typically an attacker will embed malicious HTML or
ProRat is a Microsoft Windows based backdoor trojan horse, more commonly known as a RAT (Remote Administration Tool). As with other trojan horses it uses a client and server. ProRat opens a port on the computer which allows the client to perform numerous operations on the server (the machine being controlled). ProRat is available in a free version, and a paid version. In the free version, ProRat cannot connect to users over wide area networks (WANs), only over LANs (Local Area Networks). ProRat is known for its server to be almost impossible to remove without up-to-date antivirus software.
Phishing is the most commonly used method to hack accounts . The most widely used technique in phishing is the use of Fake Login Pages. Where attacker create login page that resemble the original login page. The target is fooled to believe the fake page to be the real one and enter his/her password. But once the user attempts to login through these pages, his/her facebook login details are stolen away.