SQL injection (SQLi) is a code injection technique used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution. In this post, we will understand SQL
XSS is a type of injection in which an attacker injects malicious code into a trusted website. The attacker often initiates this attack by sending a malicious link to the user and enticing
A file inclusion vulnerability enables an attacker to execute malicious files on the web server or gain access to sensitive or unauthorized data that are stored there. In this blog we will list
Before going into the details about the reverse proxy, let’s understand the proxy first. What is a proxy? It's a server that sits in front of a client machine(s). Its main
About CSRF: An attacker designs a webpage that sends requests to a vulnerable website for actions like changing a password, etc. Now, if a user who is already logged in to the vulnerable website comes to
Allowing a webpage to open in an iframe exposes it to security attacks. In this blog, we will list out the vulnerabilities exposed and try to suggest solutions to mitigate them. Possible Attacks: Clickjacking: In this
The Referer HTTP request header contains the URL of the page from which the user followed the link and came to a web resource (web page, image, etc.). This header can be used
Every online application must have a high level of application security. The OWASP-recommended approach for preventing XSS vulnerabilities in web applications is HTML sanitization. HTML sanitization is the process of eliminating dangerous JavaScript
GitHub Actions makes it easy for developers to automate software workflows like code deployment, running automated test suites and other CI/CD operations. The end goal of each workflow varies from case to
Maintenance is a challenging problem to solve for an API test suite. With new parameters getting added to existing APIs in a fast-paced development environment, this problem becomes more difficult. Usually, when negative