
Exclusive Updates from 'Rafay Hacking Articles'


Latest News Apr 22, 2014

What is the .htaccess file and what do I use it for?


.htaccess - The Point of Discussion

The HT (Hyper Text) access file is a directory-level configuration file that is supported by a good number of web servers and allows administrators decentralized management of web server configuration. The original purpose of .htaccess, as reflected in its name, was to allow per-directory access control, for example requiring a password to access a directory or file. Nowadays it is used for various other purposes, as .htaccess files can override many other configuration settings, including content type and character set, CGI handlers, etc. It could be very useful for penetration testers as well as webmasters. ...

DOM XSS Explained - Part 1


Cross-site scripting (XSS) has been a problem for well over a decade now. XSS, just like other well-known security issues such as SQL, XPath and LDAP injection, falls into the category of input validation attacks. An XSS vulnerability occurs when input taken from the user is not filtered/sanitized before it is returned back to the user. XSS can be divided into the following three categories: ...

Hacker's Dome - First Blood CTF



When it comes to information security, there's a great way to learn, train and keep your skills sharp. This can be done using gamification mechanics to speed up the learning curve and improve retention rate. Capture The Flag competitions use gamification mechanics and represent one of the best ways to learn security hands-on. ...

A Tale Of A DOM Based XSS In Paypal

Introduction

We have already disclosed lots of findings related to DOM Based XSS, and this article talks about a pretty interesting DOM Based XSS vulnerability I found a long time back inside PayPal. A DOM Based XSS vulnerability is also known as the third type of XSS vulnerability, or type 0. This vulnerability occurs because developers don't sanitize the input before it reaches a sink. A sink is defined as anything that generates HTML; not every sink is considered dangerous, however there are some common sinks that should be avoided and are mentioned at DOM Based XSS wiki. ...

Introduction To SQLmap And Firewall Bypassing




ABSTRACT

Most cyber-attacks in the world that involve websites occur due to lack of updates and the failure to validate user input. Starting from the buffer overflow vulnerability, which is a system-level vulnerability, up to the vulnerabilities that exist today, the fundamental problem has always been input validation. One of the main threats is SQL injection, which has left many worried about their application and databases. The problem is more than a decade old, but is still present inside lots of websites. SQL injection, like all other major web application security problems, falls in the category of input validation attacks. ...


Rafay Hacking Articles, Karachi, Pakistan 44000
Contact: rafayhackingarticles@gmail.com


Latest News Apr 17, 2014

What is the .htaccess file and what do I use it for?



DOM XSS Explained - Part 1



Hacker's Dome - First Blood CTF




A Tale Of A DOM Based XSS In Paypal


Introduction To SQLmap And Firewall Bypassing




