Top 3: Injection

Cross-Site Scripting

SQL Injection

Broken authentication

Direct object reference

No vulnerability present

By analyzing the response for specific content patterns or delays

By intercepting network traffic using a packet sniffer

By checking server logs for error messages

By monitoring the CPU and memory usage on the server

Cookies

URL parameters

HTTP headers

User-generated content

XSS attacks manipulate server-side code, while CSRF attacks manipulate client-side code.

XSS attacks target user sessions, while CSRF attacks manipulate user actions.

XSS attacks involve the injection of malicious scripts into web pages, while CSRF attacks trick users into making unintended requests.

XSS attacks are more sophisticated than CSRF attacks.

To steal sensitive data from a database

To inject malicious code into a web application

To gain unauthorized access to a server and execute arbitrary code

To manipulate user sessions and access unauthorized resources

The source of the injected script

The need for user interaction

The targeted web application

The location of the victim's data

Commands run as a root always

Outside your permission boundary

Impossible to detect

Small scale machines such as diebol ATMs

Large-scale sequel databases such as those containing credit card information

Servers running SQL databases similar to Hadoop or Hive

Servers built on NoSQL

A user visits a site's homepage

A site prompts the user for their username and password

A site produces an error message for an invalid username

A user clicks on a hyperlink to visit another page in the same site

A user clicks on a hyperlink to visit another page in a different site

Carefully validating user input and rejecting invalid input before executing any SQL requests.

Ensuring that you use only database software that has been widely tested and is generally considered secure.

Code all your database access functions in a strongly-typed language to ensure that you do not have a type mismatches.

Always run the database on a remote machine and use SSL whenever you communicate with it.