4. SQL Injection
statement = "SELECT * FROM users WHERE name = '" +
userName + "';"
SELECT * FROM users WHERE name = '' OR '1'='1';
UserName =
' OR '1'='1' --
' OR '1'='1' ({
' OR '1'='1' /*
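Added example (not from the original slides): the slide's concatenated statement next to a parameterized query, run against an in-memory SQLite table. The table contents, function names and the use of Python's sqlite3 module are assumptions made for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample rows, for this example only.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, email TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)", [
        ("alice", "alice@example.com"),
        ("bob", "bob@example.com"),
        ("O'Brien", "obrien@example.com"),
    ])
    return db

def lookup_concat(db, user_name):
    # Same construction as the slide: the input is spliced into the SQL text,
    # so a quote in user_name changes the structure of the query.
    statement = "SELECT * FROM users WHERE name = '" + user_name + "';"
    return db.execute(statement).fetchall()

def lookup_param(db, user_name):
    # Bound parameter: the value is passed separately and compared as data only.
    return db.execute("SELECT * FROM users WHERE name = ?", (user_name,)).fetchall()

# A normal name, a legitimate name containing a quote, and two inputs from the slide.
INPUTS = ["alice", "O'Brien", "' OR '1'='1", "' OR '1'='1' --"]

def compare(db, inputs=INPUTS):
    # Maps each input to (rows from concatenated query, rows from bound query).
    results = {}
    for value in inputs:
        try:
            concat = len(lookup_concat(db, value))
        except sqlite3.OperationalError:
            concat = None  # the spliced query text no longer parses
        results[value] = (concat, len(lookup_param(db, value)))
    return results

if __name__ == "__main__":
    for value, (concat, param) in compare(make_db()).items():
        print(f"{value!r:22} concatenated={concat} parameterized={param}")
```

The concatenated form returns every row for the slide's inputs and fails outright on a legitimate name containing a quote; the bound form treats all four inputs as plain names.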
5. Blind SQL Injection
SQLi where the attacker is blind to SQL error
responses and uses true/false responses
to exploit
https://www.facebook.com?id=1008 AND substring(@@version, 1, 1)=5
7. Cross Site Request Forgery (CSRF)
Attacker executes request on vulnerable
domain with victim’s authenticated
context to perform state changing
actions
12. Cross Site Scripting (XSS)
Attacker injects malicious client side scripts to
be executed in context of vulnerable domain
Reflected, Persistent, DOM XSS
17. Cookie Security
Attribute  Value               Meaning
Secure     true                Only send through HTTPS
HttpOnly   True                Disable script access
Domain     secure.example.com  Send for that domain & subdomains
Expires    31-Jul-2016 13:45   Persist it till expiry date
Set-Cookie: SID=AYQEV; Domain=.gmail.com; Path=/; Expires=Wed, 13 Jan 2021 22:23:01 GMT; Secure; HttpOnly