Internet Security Definitions

  • C

    command injection

    Command injection is the insertion of HTML code into dynamically generated output by a malevolent hacker (also known as a cracker) seeking unauthorized access to data or network resources...

  • content spoofing

    Content spoofing is a type of exploit used by malicious hackers to present a faked or modified Web site to the user as if it were legitimate.

  • cross-site scripting (XSS)

    Cross-site scripting (XSS) is a security exploit which is carried out on Web applications that accept input, but do not properly separate data and executable code before the input is delivered back to a user’s browser.

  • cross-site tracing (XST)

    Cross-site tracing (XST) is a sophisticated form of cross-site scripting (XSS) that can bypass security countermeasures already put in place to protect against XSS...

  • cryptography

    Cryptography is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. The term is most often associated with scrambling plaintext (ordinary text, sometimes referred to as cleartext) into ciphertext (a process called encryption), then back again (known as decryption).

  • I

    integer overflow

    Integer overflow is the result of trying to place into computer memory an integer (whole number) that is too large for the integer data type in a given system.

  • L

    LDAP injection

    LDAP injection is a specific form of attack that can be employed to compromise Web sites that construct LDAP (Lightweight Directory Access Protocol) statements from data provided by users...

  • O

    OS commanding

    OS commanding is a method of attacking a Web server by remotely gaining access to the operating system (OS) and then executing system commands through a browser...

  • R

    regular expression (regex)

    A regular expression (sometimes abbreviated to "regex") is a way for a computer user or programmer to express how a computer program should look for a specified pattern in text and then what the program is to do when each pattern match is found.

  • S

    session hijacking (TCP session hijacking)

    Session hijacking, also known as TCP session hijacking, is a method of taking over a Web user session by surreptitiously obtaining the session ID and masquerading as the authorized user...

  • session ID

    A session ID is a unique number that a Web site's server assigns to identify a specific user for the duration of that user's visit (session)...

  • session prediction (credential/session prediction)

    Session prediction, also called credential/session prediction, is a method of surreptitiously obtaining data (called a session ID) about an authorized visitor to a Web site...

  • SQL injection

    SQL injection is a type of security exploit in which the attacker adds Structured Query Language (SQL) code to a Web form input box to gain access to resources or make changes to data.

  • SSI injection

    SSI injection is a form of attack that can be used to compromise Web sites that contain SSI (server-side include) statements...

  • X

    XPath injection

    XPath injection is an attack targeting Web sites that create XPath queries from user-supplied data...
