Year: 2017

Almost all applications rely on a data store for managing the data which is processed by the application. In most cases, that data drives the core app logic. It also holds the user accounts and […]

The common problem in the web application is that basically all of the users’ inputs are actually untrusted. Some cyber security tips and measures really need to be taken by application for defending themselves from […]

I hope that most of you are already well-known with the information about the authentication. But let us mention the basics at least. The authentication is the simplest of all security mechanisms employed within the […]

Let’s start with the explanation of the session management role. This mechanism is a fundamental security component in the majority of web apps. It enables the application to uniquely identify a given user across a […]

As we are already well introduced, any kind of web app is depending on the other layers of the technology stack which support it, and also including the application or the web server, networking infrastructure […]

All the attack techniques we described so far involved interacting with a live running app and have largely consisted of submitting the crafted input to the application and monitoring its responses. We will now examine […]

We won’t introduce any new vulnerabilities we haven’t talked about already. We will here examine one key element in the effective methodology for hacking web apps. It will be all about the use of automation […]

We will start this topic by saying that the web app architecture is the important area of the security which is frequently overlooked when the security individual apps are appraised. The tiered architectures are commonly […]

There are some attacks on the web app which can be performed using only a standard web browser. Although, most of them require you to use some kind of the additional tools. Those tools operate […]