Tuesday, January 8, 2013

List of Vulnerabilities & Their Tutorials


It's the 100th post. When I started to write, I did not think that it would last this long. So today I am not putting up any new article about hacking; I am going to repeat some famous vulnerabilities which we have seen before.
In the chart, you can see the different types of vulnerabilities and the percentage of each that exists in websites.

This one shows web-browser vulnerabilities, so you can see which browser is easy to hack.

(A)S.Q.L. Injection:-

It is a hacking method that allows an unauthorized attacker to access a database server. It is facilitated by a common coding blunder: the program accepts data from a client and executes SQL queries without first validating the client’s input. The attacker is then free to extract, modify, add, or delete content from the database.

Tutorial on S.Q.L. Injection:-


(B)Cross Site Scripting:-

Cross-Site Scripting attacks are a type of injection problem, in which malicious scripts are injected into the otherwise benign and trusted web sites. Cross-site scripting (XSS) attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user in the output it generates without validating or encoding it.

Tutorial on X.S.S-

(C)Cross site Request forgery:-

CSRF is an attack which forces an end user to execute unwanted actions on a web application in which he/she is currently authenticated. With a little help from social engineering (like sending a link via email/chat), an attacker may force the users of a web application to execute actions of the attacker's choosing. When the target is a normal user, a successful CSRF exploit can compromise end-user data and operations. If the targeted end user is the administrator account, this can compromise the entire web application.

Tutorial on C.S.R.F-

(D)Local File Inclusion:-

Local File Inclusion (also known as LFI) is the process of including files on a server through the web browser. This vulnerability occurs when a page include is not properly sanitized, and allows directory traversal characters to be injected.

Tutorial on local file inclusion-

(E)DOS Attack:-

A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users.

Tutorial on DOS:-

(F)Spoofing :-

Spoofing refers to tricking or deceiving computer systems or other computer users. This is typically done by hiding one's identity or faking the identity of another user on the Internet.

Spoofing Tutorial:-

(G)Phishing:-

Phishing is the act of attempting to acquire information such as passwords, usernames, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity.

Tutorial on Phishing-
