What Is the BEAST Attack

BEAST stands for Browser Exploit Against SSL/TLS. It is an attack against network vulnerabilities in TLS 1.0 and older SSL protocols. The attack was first performed in 2011 by security researchers Thai Duong and Juliano Rizzo but the theoretical vulnerability was discovered in 2002 by…

Read more

What Are HTML Injections

HTML injections (HyperText Markup Language injections) are vulnerabilities that are very similar to Cross-site Scripting (XSS). The delivery mechanisms are exactly the same but the injected content is pure HTML tags, not a script like in the case of XSS. HTML injections are less dangerous…

Read more

XSS Filter Evasion Basics

The two primary methods of avoiding Cross-site Scripting (XSS) vulnerabilities are XSS filtering and XSS escaping. However, XSS filtering is not recommended because it can usually be evaded using clever tricks. Here are some of the methods that an attacker can employ in their malicious…

Read more

What Is Cookie Poisoning

The term cookie poisoning is used in different contexts to describe attacks that aim to manipulate, intercept, or forge the content of HTTP cookies. Cookie poisoning attacks are different types of attacks that can affect both the client-side application, data transmission, or the web server….

Read more