Menu

Close
  • Home
  • Resources
  • Linux Commands
Subscribe
Menu
Chris Young's Picture

Chris Young

Scotland 29 posts
← Newer Posts Page 2 of 5 Older Posts →

DVWA - File Inclusion

LFI & RFI are commonly found in poorly written PHP code, allows an attacker to include a local or remote PHP file into the webservers running »

Chris Young Chris Young on File Inclusion, OWASP, web app testing 16 April 2018

CSRF - Cross Site Request Forgery

CSRF refers to an attack against authenticated web applications using Cookies wherein an attacker is able to trick a victim into making a request that the »

Chris Young Chris Young on OWASP, web app testing, CSRF 16 April 2018

XSS - Cross Site Scripting

XSS in an input validation weakness which allows an attacker to inject a payload into a response from the application. When the payload can included HTML/ »

Chris Young Chris Young on OWASP, web app testing, XSS 13 April 2018

XXE - XML External Entity

The XML External Entity (XXE) attack is a type of attack against an application that parses XML input. An XXE attack typically occurs when XML input »

Chris Young Chris Young on OWASP, web app testing, XXE 13 April 2018

Unrestricted File Upload

Many web applications allow users to upload content. The content may be images, word documents, audio and video files etc. This upload facility however exposes a »

Chris Young Chris Young on OWASP, web app testing, File Upload 13 April 2018

SSRF - Server Side Request Forgery

Server Side Request Forgery (SSRF) is a vulnerability that describes the behaviour of a server making a request that is under the attackers control. When using »

Chris Young Chris Young on SSRF, OWASP, web app testing 13 April 2018
← Newer Posts Page 2 of 5 Older Posts →
Information Security Consultant | Pen tester © 2019
Proudly published with Ghost