Skip to main content

Posts

Showing posts from August, 2020

What is SQL Injection(SQLi).

What is SQL Injection( SQLi ):- A SQL Injection, or SQLi, is a vulnerability which allows a hacker to “inject” a SQL statements into a target and access their database. The potential here is pretty extensive often making it a highly rewarded vulnerability. For example, attackers may be able to perform all or some CRUD actions (Creating, Reading, Updating, Deleting) database information. Attackers may even be able to achieve remote command execution. SQLi attacks are usually a result of unescaped input being passed into a site and used as part of a database query. SQL injection is a code injection technique that might destroy your database.SQL injection is one of the most common web hacking techniques.SQL injection is the placement of malicious code in SQL statements, via web page input.SQL injection usually occurs when you ask a user for input, like their username/userid, and instead of a name/id, the user gives you an SQL statement that you will  unknowingly  ...

What is Cross-Site Scripting.

What is Cross-Site Scripting Attack :- Cross-site scripting, or XSS, involve a website including unintended Javascript code which is subsequently passes on to users who then execute that code via their browsers. A harmless example of this is :- alert(‘XSS’) Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it. An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execute the script. Because it thinks the script came from a trusted source, ...

What is the dark web?

The dark web is part of the internet that isn't visible to search engines and requires the use of an anonymizing browser called Tor to be accessed. Dark web definition:- The dark web refers to encrypted online content that is not indexed by conventional search engines. Sometimes, the dark web is also called the   dark net . The dark web is a component of the   deep web   that describes the wider breadth of content that does not appear through regular Internet browsing activities. Most deep web content consists of private files hosted on  Dropbox and its competitors  or subscriber-only databases rather than anything illegal. Specific browsers, such as Tor Browser, are required to reach the dark web.  Using the dark web often provides considerably more privacy than just using Tor to access the web. Many dark web sites simply provide standard web services with more secrecy, which benefits political dissidents and people trying to keep medical...

What is Digital Forensics & Types of Digital Forensics

What is Digital Forensics? Digital Forensics is defined as the process of preservation, identification, extraction, and documentation of computer evidence which can be used by the court of law. It is a science of finding evidence from digital media like a computer, mobile phone, server, or network. It provides the forensic team with the best techniques and tools to solve complicated digital-related cases.Digital Forensics helps the forensic team to analyzes, inspect, identifies, and preserve the digital evidence residing on various types of electronic devices. Objectives of Computer Forensics. It helps to recover, analyze, and preserve computer and related materials in such a manner that it helps the investigation agency to present them as evidence in a court of law. It helps to postulate the motive behind the crime and identity of the main culprit. Designing procedures at a suspected crime scene which helps you to ensure that the digital evidence obtained is not corrupted...