Summary:
#Cross Site Request Forgery (CSRF) CSRF is an attack that forces an end user to execute unwanted actions on a web application in which they are curren Read more
Summary:
#XSS(Stored) "Cross-Site Scripting (XSS)" attacks are a type of injection problem, in which malicious scripts are injected into the otherwise benign a Read more
Summary:
#XSS(Reflected) "Cross-Site Scripting (XSS)" attacks are a type of injection problem, in which malicious scripts are injected into the otherwise benig Read more
Summary:
#XSS(DOM) "Cross-Site Scripting (XSS)" attacks are a type of injection problem, in which malicious scripts are injected into the otherwise benign and Read more
Summary:
#SQL Injection (Blind) When an attacker executes SQL injection attacks, sometimes the server responds with error messages from the database server com Read more
Summary:
#SQL Injection A SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the applicati Read more
Summary:
#File Upload Uploaded files represent a significant risk to web applications. The first step in many attacks is to get some code to the system t Read more
Summary:
#File Inclusion Some web applications allow the user to specify input that is used directly into file streams or allows the user to upload files Read more
Summary:
#Command Injection The purpose of the command injection attack is to inject and execute commands specified by the attacker in the vulnerable ap Read more
Summary:
#Brute Force Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. A co Read more