• Advertise
• Search
• Free Magazines
• Newest Links
• Categories
• Register
• Login

Penetration Testing for Web Applications (Part Two)

Added by Papergrl

Description: Our first article in this series covered user interaction with Web applications and explored the various methods of HTTP input that are most commonly utilized by developers. In this second installment we will be expanding upon issues of input validation - how developers routinely, through a lack of proper input sanity and validity checking, expose their back-end systems to server-side code-injection and SQL-injection attacks. We will also investigate the client-side problems associated with poor input-validation such as cross-site scripting attacks.