Internet Security Definitions

  • C

    command injection

    Command injection is the insertion of HTML code into dynamically generated output by a malevolent hacker (also known as a cracker) seeking unauthorized access to data or network resources...

  • content spoofing

    Content spoofing is a type of exploit used by a malicious hackers to present a faked or modified Web site to the user as if it were legitimate.

  • cross-site tracing (XST)

    Cross-site tracing (XST) is a sophisticated form of cross-site scripting (XSS) that can bypass security countermeasures already put in place to protect against XSS... (Continued)

  • I

    integer overflow

    Integer overflow is the result of trying to place into computer memory an integer (whole number) that is too large for the integer data type in a given system.

  • L

    LDAP injection

    LDAP injection is a type of security exploit that is used to compromise the authentication process used by some websites. Websites that construct Lightweight Directory Access Protocol (LDAP) statements from data provided by users are vulnerable to this type of attack.

  • O

    OS commanding

    OS commanding is a method of attacking a Web server by remotely gaining access to the operating system (OS) and then executing system commands through a browser... (Continued)

  • R

    regular expression (regex)

    A regular expression (sometimes abbreviated to "regex") is a way for a computer user or programmer to express how a computer program should look for a specified pattern in text and then what the program is to do when each pattern match is found.

  • S

    session hijacking (TCP session hijacking)

    Session hijacking, also known as TCP session hijacking, is a method of taking over a Web user session by surreptitiously obtaining the session ID and masquerading as the authorized user... (Continued)

  • session ID

    A session ID is a unique number that a Web site's server assigns to identify a specific user for the duration of that user's visit (session)...

  • session prediction (credential/session prediction)

    Session prediction, also called credential/session prediction, is a method of surreptitiously obtaining data (called a session ID) about an authorized visitor to a Web site... (Continued)

  • SQL injection

    SQL injection is a type of security exploit in which the attacker adds Structured Query Language (SQL) code to a Web form input box to gain access to resources or make changes to data.

  • SSI injection

    SSI injection is a form of attack that can be used to compromise Web sites that contain SSI (server-side include) statements... (Continued)

  • X

    XPath injection

    XPath injection is an attack targeting Web sites that create XPath queries from user-supplied data... (Continued)

-ADS BY GOOGLE

SearchMicroservices

TheServerSide.com

SearchCloudApplications

SearchAWS

SearchBusinessAnalytics

SearchHRSoftware

SearchHealthIT

DevOpsAgenda

Close