Code Injection or Remote Code Execution (RCE) enables the attacker to execute malicious code as a result of an injection attack. Code Injection attacks are different than Command Injection attacks. Attacker capabilities depend on the limits of the server-side interpreter (for example, PHP, Python, and…
Author Archives Ian Muscat
Recommendations for TLS/SSL Cipher Hardening
Transport Layer Security (TLS) and its predecessor, Secure Socket Layer (SSL), are widely used protocols. They were designed to secure the transfer of data between the client and the server through authentication, encryption, and integrity protection. Note: At the time of writing of this article,…
How to Prevent SQL Injection Vulnerabilities in PHP Applications
What Is SQL Injection? SQL Injection (SQLi) is a type of injection attack targeting a backend relational database. An attacker can use it to make a web application process and execute injected SQL statements as part of an existing SQL query. This article assumes that…
Out-of-band XML External Entity (OOB-XXE)
As with many types of attacks, you can divide XML External Entity attacks (XXE attacks) into two types: in-band and out-of-band. In-band XXE attacks are more common and let the attacker receive an immediate response to the XXE payload. In the case of out-of-band XXE…
What Are XML External Entity (XXE) Attacks
An XML External Entity (XXE) attack (sometimes called an XXE injection attack) is a type of attack that abuses a widely available but rarely used feature of XML parsers. Using XXE, an attacker is able to cause Denial of Service (DoS) as well as access…
What is Local File Inclusion (LFI)?
An attacker can use Local File Inclusion (LFI) to trick the web application into exposing or running files on the web server. An LFI attack may lead to information disclosure, remote code execution, or even Cross-site Scripting (XSS). Typically, LFI occurs when an application uses…
DAST vs SAST: A Case for Dynamic Application Security Testing
Dynamic Application Security Testing (DAST) is a black-box security testing methodology in which an application is tested from the outside. A tester using DAST examines an application when it is running and tries to hack it just like an attacker would. On the other end…
Cross-site Flashing (XSF) WordPress Vulnerability, Unpatched and Exploitable
WordPress, the content management system powering north of 28% of websites on the Internet, is certainly no stranger to providing timely security patches to its hundreds of millions of users when security researchers report them. This time however, things took a slightly different turn —…
The difference between Vulnerability Assessment and Penetration Testing
Many information security professionals are familiar with the terms ”‘vulnerability assessment” and “penetration testing” (“pentest” for short). Unfortunately, in many cases, these two terms are incorrectly used interchangeably. This post aims to clarify differences between vulnerability assessment and penetration testing, demonstrate that both are integral…