Encoding
|
Encryption
|
Hashing
|
Maintaining data usability
|
Maintaining data confidentiality
|
Validating the integrity of content
|
Reversed data by employing same algorithm
|
Reversed data by secret key
|
Validate through the signature
|
No secret key
|
Use key
|
Signature by a sender
|
SQL Injection
|
Blind SQL Injection
|
Display error message
|
Does not see an error message
|
It does not ask ant question
|
It ask a true and false question to database
|
Attacker see the result
|
Attacker not see the result
|
SQL Injection
|
Cross-Site Scripting
|
Inserting query syntax
|
Embedded script tags in URL
|
Attacker send simple text based syntax
|
Attacker send simple text based script
|
Injecting SQL field value in the form of regular expression
|
Simple HTML tags in the form of the regular expression
|
It can be easily effected
|
It can be affect with average vulnerability
|
Cross-Site Scripting
|
Cross-Site Request Forgery
|
It doesn’t need authentication
|
Authenticated Session
|
Escape the basic validating
|
Server trust the user
|
Need of java script
|
Not need of javascript
|
A site that is vulnerable to XSS attacks is also vulnerable to CSRF attacks
|
A site that is completely protected from XSS types of attacks is still most likely vulnerable to CSRF attacks.
|
No comments:
Post a Comment