The malicious activities that happens to a website or web app.
Structured Query Language Injection is a way of code modification technique which is used to change the data from SQL databases. By using this command, any unauthorized user can use to identify a more privileged user. In modern technique, SQL injection occurs over the internet by sending queries to an API endpoint. Some query field …
Web scraping is the process of data extraction from different websites. It is done by using a piece of code known as “scraper”. It includes sending a ‘GET’ type query and then HTML parsing of the received content. After parsing, the scraper searches for the specified data and convert it into the specified document. The …
Phishing is a social engineering attack which is an attempt to steal sensitive and personal user information with the ill intents of gaining illegal access or financial gains. The stolen information can be in the form of usernames, passwords, bank account details or credit card numbers. The attackers utilize this information in two ways: either …
A man-in-the-middle attack is a method which an attacker places himself in between the two devices and intercepts or modifies the messages/communication. The attacker is also able of impersonating as either of two agents and can do unauthorized actions. The attack needs three participants: the victim, the entity/system under attack and the middleman who eavesdrops. …
The Cross-Site Scripting also known as XSS is a prevalent web security threat and one of the favorite method of attackers to steal your personal information. Cross-site scripting, which targets users, made up almost one-third of the total number of attacks. In XSS, the web hackers add a malicious piece of codes in your Server …
Cross-Site Request Forgery (CSRF), also known as Session Riding is a type of web threat that manipulates the web browser into performing an unwanted action on the application or website to which a user is currently logged in. A successful CSRF attack can lead to serious consequences e.g. loss of business reputation and customer confidence, …
DDoS attacks are generally classified into the following 3 categories: Volumetric attacks: This category of exploited method attempts to create congestion by consuming all available bandwidth between the target and the larger Internet. Large amounts of data are sent to a target by using a form of amplification or another means of creating massive traffic, …
Distributed Denial-of-Service (DDoS) attacks are malicious attempts to block businesses from its traffic. During a DDoS attack, the target server/service/network is flooded with malicious traffic generated by exploited systems on the internet. At the same time, legitimate customers and users cannot access the target. How does a DDoS attack work? A DDoS attack requires an …
What is a Distributed Denial-of-Service (DDoS) attack? Read More »
Web attacks refer to a category of cyber-attacks that generally occur on or through a website. The most common ones are SQL injection, cross-site scripting, remote file inclusion, and brute force attacks. The risk of attack that each website faces depends on the motive of the attacker, security of the site and the information assets …
