Wednesday, February 18, 2026

📗 PHASE 2: Web Security Core (Month 3–4)


🔥 OWASP Top 10 (Very Important)

1️⃣ SQL Injection

Vulnerable code (the `$user` value is pasted straight into the query text, so the input is parsed as SQL rather than treated as data):

SELECT * FROM users WHERE username = '$user';

Attack:

' OR '1'='1

Fix:

  • Prepared statements

  • Parameterized queries (the value is sent to the database separately from the SQL text, so it can never change the query's structure)
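
The vulnerable query from the post beside its parameterized fix, as an added example that is not part of the original post. It uses an in-memory SQLite database with constructed sample rows and shows that the `' OR '1'='1` input above matches every row in the string-built query and no row in the parameterized one.

```python
import sqlite3


def make_db():
    """Constructed in-memory sample database (not real data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password_hash TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "h1"), ("bob", "h2"), ("carol", "h3")],
    )
    return conn


def find_user_vulnerable(conn, user):
    # Mirrors the vulnerable line in the post: the input is spliced into the
    # SQL text, so a quote in the input terminates the string literal and the
    # rest of the input is parsed as SQL.
    sql = "SELECT username FROM users WHERE username = '" + user + "'"
    return sorted(row[0] for row in conn.execute(sql))


def find_user_safe(conn, user):
    # Parameterized query: the SQL text is fixed and the value is bound to the
    # placeholder by the driver, so it is only ever compared as data.
    sql = "SELECT username FROM users WHERE username = ?"
    return sorted(row[0] for row in conn.execute(sql, (user,)))


if __name__ == "__main__":
    conn = make_db()
    payload = "' OR '1'='1"
    print("vulnerable:", find_user_vulnerable(conn, payload))  # all three users
    print("safe:      ", find_user_safe(conn, payload))        # no user
```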


2️⃣ XSS (Cross-Site Scripting)

Stored XSS:

  • Malicious script saved in DB

Reflected XSS:

  • Injected via URL

Fix:

  • Escape output (encode user-supplied data for the context it is inserted into, e.g. HTML body, attribute, JavaScript)

  • Use Content Security Policy (CSP) to limit which scripts the browser may run


3️⃣ CSRF

The victim is already logged in, so a request the attacker tricks the victim's browser into sending carries the victim's session cookie and the server treats it as legitimate.

Fix:

  • CSRF tokens (an unpredictable per-session value the server requires on state-changing requests; a cross-site attacker cannot read it)


4️⃣ Broken Authentication

Fix:

  • Strong password hashing (e.g. bcrypt, with a per-password salt)

  • Secure session handling (random session IDs, HttpOnly and Secure cookie flags, expiry and logout invalidation)
