Posts

OWASP Top 5 Vulnerability Explanation with implementation | Learn Ethical Hacking | Learn Bug Bounty Hunting

DoS (Denial of Service) Attack via Long Password: A denial-of-service (DoS) attack via a long password is a type of application-layer attack that exploits a vulnerability in a web application's password hashing algorithm. By sending a very long password to the application, the attacker can cause the server to consume excessive CPU and memory resources, leading to a denial of service for legitimate users.

Flow Diagram:
Attack implementation:
Video:

Cross-Site Scripting (XSS): Cross-site scripting (XSS) is a type of web security vulnerability that allows an attacker to inject malicious code into a web page viewed by another user. This code can then be executed by the victim's browser, allowing the attacker to steal sensitive information, such as cookies or session tokens, or to take control of the victim's browser. There are three main types of XSS attacks:

1. Reflected XSS: This type of attack occurs when the attacker injects maliciou...

10 Common and known Vulnerabilities | Learn Ethical Hacking

1. Brute Force Attack: A brute-force attack is a cyberattack in which an attacker tries to guess a password or other secret code by trying many possible combinations. Brute-force attacks are a common type of cyberattack because they are relatively easy to carry out and can be effective against weak passwords.

Flow Diagram:
Attack Implementation:
Video:

2. CSRF Vulnerability: CSRF (Cross-Site Request Forgery) is a type of attack in which an attacker tricks a user's browser into performing an unwanted action on a web application. For example, an attacker could trick a user into transferring money from their bank account to the attacker's account.

Flow Diagram:
Attack Implementation:
Video:

3. Clickjacking Vulnerability: Clickjacking is a type of attack in which an attacker tricks a user into clicking on a hidden link or button. For example, an attacker could overlay a fake button on top of a legitimate button, so that when the user clicks on the fake button, they actual...