web security
brute force cracking 暴力破解
Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies. Just as a criminal might break into, or "crack" a safe by trying many possible combinations, a brute force cracking application proceeds through all possible combinations of legal characters in sequence. Brute force is considered to be an infallible, although time-consuming, approach.
Session fixation
http://www.c-sharpcorner.com/UploadFile/ajyadav123/session-fixation-vulnerability-detection-in-Asp-Net/
https://www.codeproject.com/Articles/210993/Session-Fixation-vulnerability-in-ASP-NET
http://blog.csdn.net/newjueqi/article/details/7548976
https://en.wikipedia.org/wiki/Session_fixation#Countermeasures
https://www.cnblogs.com/luminji/archive/2012/05/30/2511357.html
Improper Session Management
https://www.owasp.org/index.php/Top_10_2013-A2-Broken_Authentication_and_Session_Management
Cross-site Scripting (XSS) 跨站点脚本攻击
https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
http://blog.csdn.net/yefan2222/article/details/7091863
solution
https://github.com/mganss/HtmlSanitizer
OTP flooding attack One-time passwords 短信动态验证码
http://www.wwpass.com/company/blog/vulnerability-of-one-time-passwords-over-sms
WEB安全扫描器Netsparker推荐给大家
下载链接: http://pan.baidu.com/s/1pJI4gHX 密码: pygm
ASP.NET web application security review: Do's & Don'ts
https://www.codeproject.com/Articles/291562/Asp-net-web-application-Security-Review-Dos-Dont
最新文章
- C#Light 再推荐,顺便介绍WP8 功能展示项目
- 元祖签约K2 BPM,引领绿色健康食品!
- jszs 快速排序
- 第二百七十二、三天 how can I 坚持
- RH133读书笔记(7)-Lab 7 Advanced Filesystem Mangement
- [Web开发(1)] MyEclipse/Eclipse 使用Tomcat部署Web/Maven项目经典错误
- Python的下划线_
- Kali Linux中下载工具Axel的安装和使用
- Django的ORM那些相关操作
- [CQOI2014]危桥
- [Swift]LeetCode270. 最近的二分搜索树的值 $ Closest Binary Search Tree Value
- 【网址】ILSpy,C# .net/dot net的反编译工具
- LodopJS文档式模版的加载和赋值
- win7共享打印机和防火墙配置
- 利用spring boot+vue做的一个博客项目
- Spark机器学习(6):决策树算法
- php5.3新垃圾回收机制详解
- ubutu强制关闭应用程序的方法
- 使用uliweb创建一个简单的blog
- how to disabled iframe page open new window / new tab