Now when you are looking for something on the Internet, then most likely several links in the search engine results are fake sites that look like sites of online stores or even banks, but in fact, they only collect your logins and passwords, credit card numbers, etc. money from them…

The program does not deliver or inaccurately releases a resource before it is made available for re-use. the function fails to release a lock it acquires, which might lead to a deadlock. 1. Android SQLite Database The Android project fails to release the Android database handler in its onPause(), onStop(), or onDestroy() event handlers.An…

Hello guys I hope you liked the CTF and the virtual hacking conference. I come directly to the point “ सीधी बात नो बकवास ”

A buffer overflow, or buffer overrun, occurs when more extra data is put into a fixed-length buffer than the buffer can manage. Buffer overflow is possibly the best-known form of software security vulnerability. Most software developers know what a buffer overflow vulnerability is, but buffer overflow attacks corresponding to both…

When security and privacy demand clash, privacy should usually be given a higher priority. To accomplish this and still maintain required security information, cleanse any private information before it exits the program. To enforce good privacy management, develop and strictly adhere to internal privacy guidelines. The guidelines should specifically describe…

Explanation Redirects allow web applications to direct users to different pages within the same application or to external sites. Applications utilize redirects to aid in site navigation and, in some cases, to track how users exit the site. …

An iFrame injection is a very common cross-site scripting (or XSS) attack. It consists of one or more iFrame tags that have been inserted into a page or post’s content and typically downloads an executable program or conducts other actions that compromise the site visitors’ computers. In the best case…

During the assessment, I have found the debug URL on xyz.com which is disclosing the error logs.. sorry i can’t disclose website name … lets start… when i start to recon and try to find bugs on this program . i tried many things like xss,idor,nd etc….(nothing spot) when i…

Explanation Modern web browsers support a secure flag for each cookie. If the flag is set, the browser will only send the cookie over HTTPS. Sending cookies over an unencrypted channel can expose them to network sniffing attacks, so the secure flag helps keep a cookie's value confidential. …