Alternate XSS Syntax

Description: Cross Site Scripting is not just <script>alert('y0u ar3 0wn3d!');</script>. Because of JavaScript...

XPATH Injection

Description: Similar to SQL Injection, XPath Injection attacks occur when a web site uses user-supplied information to construct...

Web Parameter Tampering

Description: The Web Parameter Tampering attack is based on manipulation of parameters exchanged between client and

Special Element Injection

Description: Special Element Injection is a type of injection attack that exploits weaknesses related to reserved words and...

Server-Side Includes (SSI) Injection

Description: SSIs are directives present on Web applications used to feed an HTML page with dynamic...

Parameter Delimiter

Description: This attack is based on manipulation of the parameter delimiters used by web application input vectors, in order to...

LDAP injection

Description: LDAP Injection is an attack used to exploit web-based applications that construct LDAP statements based on user input....

Full Path Disclosure

Overview: Full Path Disclosure (AKA FPD) vulnerabilities enable the attacker to see the path to the webroot/file. E.g.:...

Format string attack

Description: The Format String exploit occurs when the submitted data of an input string is evaluated as a command by the...

Direct Static Code Injection

Description: A Direct Static Code Injection attack consists of injecting code directly onto the resource used by...

Cross-site-scripting

Description: Cross-Site Scripting attacks are an instantiation of injection problems, in which malicious scripts are injected...

Cross Frame Scripting

Description: Cross Frame Scripting (XFS) is an attack that belongs to the Cross Site Scripting family. The attacker using...

Command Injection

Description: The purpose of the command injection attack is to inject and execute commands specified by the attacker in the...

Code Injection

Description: Code Injection is the general name for many types of attacks that depend on inserting code, which will...

Blind XPath Injection

Description: XPath is a sort of query language that describes how to locate specific elements (including attributes,...

Blind SQL Injection

Description: When an attacker executes SQL Injection attacks, sometimes the server responds with error messages from the...

Argument Injection or Modification

Description: Argument Injection or Modification is a specific case of attack, which belongs to Injection...

XSS in error pages

Description: When creating dynamic web pages, it's easy to make a mistake. If the generated page depends on entered data (e.g....