Web for Pentester
Today we're going to continue our journey through the world of web application security - more precisely, the XSS exercises from PentesterLab. It's a great way to practice what we have learned so far and also a good challenge. Let's jump into the first one!
Distributed Denial of Service Attack
Denial of Service (DoS) attacks are one of the simplest ways to paralyze the victim's network infrastructure. Although many attacks are connected with destroying data or stealing credentials (or any kind of sensitive information), DoS attacks can cause equally big financial loss. A properly prepared attack, in particular a Distributed Denial of Service, can cause catastrophic harm to the victim company. In addition, even though they are one of the earliest kinds of network attacks, they are getting more and more sophisticated and harder to prevent.
Cross Site Scripting
Cross Site Scripting (XSS) is the name of one of the most common vulnerabilities in web applications. It's third on the list in the newest OWASP Top Ten document, so it's essential to know how it works.
Powerful, right? But enough story time for today, let's jump into some technical details.
Exploiting a buffer overflow vulnerability is very creative and a bit difficult to understand, as it takes knowledge of many different parts of computer technology to understand and pull off an attack. But once mastered, it's such a powerful skill, as there are still programs with that kind of vulnerability. In addition, it lets you better understand how computers and programs work.
Let's explore this topic together!