Last Updated on 24 Jan. 2013, Total: 48 White Papers
| 10 | The Unofficial Web Hack FAQ | 24 Jan. 2013 |
| 11 | The World Wide Web Security FAQ | 24 Jan. 2013 |
| 11 | WWW Security | 24 Jan. 2013 |
The technology behind Web Services, how the system is made available to the user, and the way connections are made to back-end (and therefore sensitive) data... Read More
A high-level view of the typical methods and architectures for deployment of web applications... Read More
SQL Injection is a hacking technique which attempts to pass SQL commands through a web application for execution against a backend database... Read More
An attacker uses many methods to mount a successful attack. How you name your outward-facing hosts and your URLs can make life easier for the attacker... Read More
Organizations need a Web application scanning solution that can scan for security loopholes in Web-based applications to prevent would-be hackers from gaining unauthorized access to corporate applications and data. Web applications are proving to be the weakest link in overall corporate security, even though companies have left no stone unturned in installing the better-known network security and anti-virus solutions. Quick... Read More
Exploiting well-known flaws in DNS services and the way in which host names are resolved to IP addresses, phishers have upped the ante in the cyber war for control of a customer’s online identity for financial gain. A grouping of attack vectors, now referred to as “Pharming”, affects the fundamental way in which a customer’s computer locates and connects... Read More
Many forms of code injection (for instance cross-site scripting and SQL injection) rely upon the instantaneous execution of the embedded code to carry out the attack (e.g. stealing a user's current session information or executing a modified SQL query). In some cases it may be possible for an attacker to inject their malicious code into a data storage area that... Read More
These days, I write several pages for our site plus two to three articles per week. For the most part, articles are re-published without you even knowing. You typically find out when someone visits your site from another where the article has been posted. Other times, the site that plans on posting the article e-mails you and asks you to... Read More
DNS is the most widely used protocol on the Internet, yet many security professionals do not have a full understanding of the many weaknesses that surround it, an understanding that is needed for penetration testing and day-to-day security. In this paper we highlight basic and advanced DNS attacks... Read More
Masking or anonymizing a Web server involves removing identifying details that intruders could use to detect your OS and Web server vendor and version. This information, while providing little or no utility to legitimate users, is often the starting place for crackers, blackhat hackers and "script kiddies". This article explores some ways you can minimize the risk of such detection... Read More