Published on: August 27, 2017 9:31 pm | Comments: one response | Tags: Authenticity, Confidentiality, Cryptography, Digital Certificates, Digital Signatures, Non-Repudiation, Public-Key
Assuming that you already have knowledge on overall cryptography systems & terminology (encrypt, decrypt, cipher, hash etc.). The intention of this post is just to clarify the main concepts of Public-Key Cryptography. Mainly this post describes the following concepts: Confidentiality, Authenticity, Non-Repudiation, Digital Signatures, Digital Certificates
Published on: September 20, 2016 3:11 am | Comments: none | Tags: antisamy, code, countermeasures, HTTP Headers, injection, ModSecurity, OWASP, Prepared Statements, prevention, sql, Web Application Frameworks, xss
Code Injection is the most common vulnerability in Applications. Here we will discuss the ways of how we can prevent that from happening. We will show different techniques and discuss and their advantages and disadvantages.
Published on: August 3, 2016 10:30 am | Comments: none | Tags: code, cross-site, Department of Defense, details, examples, injection, Pentagon, scripting, xss
Published on: July 12, 2016 10:30 am | Comments: none | Tags: blind, compounded, dbms, details, example, examples, explained, injection, specific, sql
SQL Injection is a type of code injection attack that takes place in data-driven applications via SQL statements. This is a case when applications carelessly fully trust the user input. This post explain in details how this attack works and how to exploit it.