2023年3月21日
Do Stored Procedures Protect Against SQL Injection?
摘要: copy from: https://learn.microsoft.com/zh-cn/archive/blogs/brian_swan/do-stored-procedures-protect-against-sql-injection When I’ve asked people about 阅读全文
posted @ 2023-03-21 22:27 saaspeter 阅读(43) 评论(0) 推荐(0)
Session fixation会话固定攻击
摘要: from: https://owasp.org/www-community/attacks/Session_fixation Description Session Fixation is an attack that permits an attacker to hijack a valid us 阅读全文
posted @ 2023-03-21 18:08 saaspeter 阅读(116) 评论(0) 推荐(0)
在javascript的文章中sink指什么?
摘要: 在介绍xss的英文文章中常看到sink这个词语。查了下: A sink is a potentially dangerous JavaScript function that can caused undesirable effects if attacker controlled data is 阅读全文
posted @ 2023-03-21 16:59 saaspeter 阅读(193) 评论(0) 推荐(1)
Java有BufferOverflow吗?
摘要: Since Java Strings are based on char arrays and Java automatically checks array bounds, buffer overflows are only possible in unusual scenarios: If yo 阅读全文
posted @ 2023-03-21 10:17 saaspeter 阅读(20) 评论(0) 推荐(0)