Summary:
#JavaScript Attacks (Front-End Attacks) The attacks in this section are designed to help you learn about how JavaScript is used in the browser and how it can be ma Read more
Summary:
#Insecure CAPTCHA (Insecure Verification Flow) A CAPTCHA is a program that can tell whether its user is a human or a computer. You've probably seen them - colourful ima Read more
Summary:
#CSP Bypass Content Security Policy (CSP) is used to define where scripts and other resources can be loaded or executed from. This module will Read more
Summary:
#Weak Session IDs (Weak Sessions) Knowledge of a session ID is often the only thing required to access a site as a specific user after they have logged in, if t Read more
Summary:
#Cross Site Request Forgery (CSRF) CSRF is an attack that forces an end user to execute unwanted actions on a web application in which they are curren Read more
Summary:
#XSS(Stored) "Cross-Site Scripting (XSS)" attacks are a type of injection problem, in which malicious scripts are injected into the otherwise benign a Read more
Summary:
#XSS(Reflected) "Cross-Site Scripting (XSS)" attacks are a type of injection problem, in which malicious scripts are injected into the otherwise benig Read more
Summary:
#XSS(DOM) "Cross-Site Scripting (XSS)" attacks are a type of injection problem, in which malicious scripts are injected into the otherwise benign and Read more
Summary:
#SQL Injection (Blind) When an attacker executes SQL injection attacks, sometimes the server responds with error messages from the database server com Read more