brute force cracking   暴力破解

Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies. Just as a criminal might break into, or "crack" a safe by trying many possible combinations, a brute force cracking application proceeds through all possible combinations of legal characters in sequence. Brute force is considered to be an infallible, although time-consuming, approach.

Session fixation

http://www.c-sharpcorner.com/UploadFile/ajyadav123/session-fixation-vulnerability-detection-in-Asp-Net/
https://www.codeproject.com/Articles/210993/Session-Fixation-vulnerability-in-ASP-NET

http://blog.csdn.net/newjueqi/article/details/7548976

https://en.wikipedia.org/wiki/Session_fixation#Countermeasures

https://www.cnblogs.com/luminji/archive/2012/05/30/2511357.html

Improper Session Management

https://www.owasp.org/index.php/Top_10_2013-A2-Broken_Authentication_and_Session_Management

Cross-site Scripting (XSS)  跨站点脚本攻击

https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)

http://blog.csdn.net/yefan2222/article/details/7091863

solution

https://github.com/mganss/HtmlSanitizer

OTP flooding attack  One-time passwords  短信动态验证码

http://www.wwpass.com/company/blog/vulnerability-of-one-time-passwords-over-sms

WEB安全扫描器Netsparker推荐给大家

下载链接: http://pan.baidu.com/s/1pJI4gHX 密码: pygm

ASP.NET web application security review: Do's & Don'ts

https://www.codeproject.com/Articles/291562/Asp-net-web-application-Security-Review-Dos-Dont

最新文章

  1. C#Light 再推荐,顺便介绍WP8 功能展示项目
  2. 元祖签约K2 BPM,引领绿色健康食品!
  3. jszs 快速排序
  4. 第二百七十二、三天 how can I 坚持
  5. RH133读书笔记(7)-Lab 7 Advanced Filesystem Mangement
  6. [Web开发(1)] MyEclipse/Eclipse 使用Tomcat部署Web/Maven项目经典错误
  7. Python的下划线_
  8. Kali Linux中下载工具Axel的安装和使用
  9. Django的ORM那些相关操作
  10. [CQOI2014]危桥
  11. [Swift]LeetCode270. 最近的二分搜索树的值 $ Closest Binary Search Tree Value
  12. 【网址】ILSpy,C# .net/dot net的反编译工具
  13. LodopJS文档式模版的加载和赋值
  14. win7共享打印机和防火墙配置
  15. 利用spring boot+vue做的一个博客项目
  16. Spark机器学习(6):决策树算法
  17. php5.3新垃圾回收机制详解
  18. ubutu强制关闭应用程序的方法
  19. 使用uliweb创建一个简单的blog
  20. how to disabled iframe page open new window / new tab

热门文章

  1. 0x17 二叉堆
  2. Linux平台Oracle多个实例启动说明
  3. [jzoj 5664] [GDOI2018Day1模拟4.6] 凫趋雀跃 解题报告(容斥原理)
  4. QT-helloworld-QtCreater编写
  5. 理解Cookie与Session
  6. redux原理
  7. 用Latex做介绍自己和团队科研的网页
  8. 给大家介绍几个常见的Android代码片段
  9. mysql5.5碰到的type= MyISAM报错问题
  10. Python 进行网络编程