WordPress VAPT And Fixation Techniques

VULNERABILITIES FIXATION TOOL USED FOR SCAN – WPSCAN. PLUGIN USED FOR FIXATION Full path disclosure: Many websites running WordPress are exposing the internal path/full path where the php files are installed when they display a php message error. This can be used to facilititate further attacks such as path traversal. – In a php.ini file,…

Vulnerability Assessment in 3 PHP Frameworks

Vulnerability Assessment in 3 PHP Frameworks PHP is the most widely used server side language to build web applications and has a good variety of frameworks, most of them open source. Their popularity and increasing usage makes them an attractive target for hackers. So before adapting any of such frameworks for your project, be sure…

PHP Security Best Practices-2

PHP security PHP is a powerful and flexible tool. This power and flexibility comes from PHP being a very thin framework sitting on top of dozens of distinct 3rd-party libraries. Each of these libraries has their own unique input data characteristics. Data that may be safe to pass to one library may not be safe…

PHP Security Best Practices – 1

Title: PHP Security Scope of article In the open source world, PHP programming is always given first choice due to its availability and flexibility. It is a powerful server side scripting language, and provides a robust framework to create versatile web applications. However few most recent virus attacks on php based websites have shown that,…

How to handle Non Persistent XSS injection

How to handle Non Persistent XSS injection Cross-site scripting (XSS) attacks are a type of injection, in which malicious scripts are injected in the client side of the web application to exploit confidential data stored in the browser like cookies, session tokens and other sensitive information. The attackers target the modification of the content of…

Angular JS Security Fundamentals

AngularJS Vulnerability Assessment on Web ⦁ Introduction: In this era of digitization, technology has been changing at a rapid pace and businesses are always looking for adopting new and disruptive technologies. Most of these technologies are easy to use, expressive and more convenient for the clients. No doubt that these technologies are powerful but at…