
The typical 10 security breaches

Discussion in 'Ethical hacking' started by slk3, Mar 22, 2013.

  1. slk3

    IBM AppScan is a good tool to detect security breaches of web applications. Has anybody ever studied it? Typically AppScan can find 10 main attacks, including
    • XSS,
    • SQL (Code) Injection,
    • Malicious file execution,
    • Insecure direct object references,
    • CSRF,
    • Information leakage and improper error handling,
    • Broken authentication and session management,
    • Insecure cryptographic storage,
    • Unsecured communication,
    • Failure of URL access restrictions
    What are the corresponding solutions for them? Has anybody ever summarized them?
     
  2. Syperus

    Where's buffer overflow? This is one of the top security risks due to poor programming techniques.
     
