WEB APPLICATION HACKING BASICS
In this following post we will have a little basicunderstanding about web application and web application hacking. Now before our discussion on what is web application hackinglets understand first what a web application is? A web application is application which can be accessed over Internet or Intranet. Usually a term web application is used for a computer application hosted over a web server which can be accessed using web browser.The main motive of a web application is to give more functionality than just a website. Webmails, database, login forms, flash scripts, Java scripts and applets, discussion boards, guest books, blogs including blogger and word-press all are examples of web applications.
A web application works on principle of client/server architecture where a web browser usually acts as a client and web server acts as application server. In early days usually Java was held as programming language for web application development but things are changed with time. All web applications are designed to perform some specific task or job in a possible easier way like online shopping, banking, social networking(even facebook is a web app), mailing and even sharing of information in an interactive way. Since there are several types of web applications it’s still little problematic situation to classify them on basis of application, vulnerability and threat level. But most commonly web application related threats can be classified as follows,
Cross Site Scripting (XSS) Attacks
SQL Injection
Command Injection
Cookie Attacks
Parameter/Form Tampering
Buffer Overflow
Directory Transversal
Cryptographic Authentication Attack or SSL Attack
Platform Exploiting
File Inclusion
Few of above are still under controversy about getting included as web application threat. By the way as you can see list is long and we will surely spend a lot of time understanding and creating countermeasure to them. There some other basic things too to consider before we move towards real web application hacking but we will cover them next time. Till then thanks for reading, have a nice time and keep visiting.
In this following post we will have a little basicunderstanding about web application and web application hacking. Now before our discussion on what is web application hackinglets understand first what a web application is? A web application is application which can be accessed over Internet or Intranet. Usually a term web application is used for a computer application hosted over a web server which can be accessed using web browser.The main motive of a web application is to give more functionality than just a website. Webmails, database, login forms, flash scripts, Java scripts and applets, discussion boards, guest books, blogs including blogger and word-press all are examples of web applications.
A web application works on principle of client/server architecture where a web browser usually acts as a client and web server acts as application server. In early days usually Java was held as programming language for web application development but things are changed with time. All web applications are designed to perform some specific task or job in a possible easier way like online shopping, banking, social networking(even facebook is a web app), mailing and even sharing of information in an interactive way. Since there are several types of web applications it’s still little problematic situation to classify them on basis of application, vulnerability and threat level. But most commonly web application related threats can be classified as follows,
Cross Site Scripting (XSS) Attacks
SQL Injection
Command Injection
Cookie Attacks
Parameter/Form Tampering
Buffer Overflow
Directory Transversal
Cryptographic Authentication Attack or SSL Attack
Platform Exploiting
File Inclusion
Few of above are still under controversy about getting included as web application threat. By the way as you can see list is long and we will surely spend a lot of time understanding and creating countermeasure to them. There some other basic things too to consider before we move towards real web application hacking but we will cover them next time. Till then thanks for reading, have a nice time and keep visiting.
"Empowering ideas, sparking infinite possibilities."Generator
ReplyDelete