bg_image
header

Browser Exploit Against SSL TLS - BEAST

BEAST (Browser Exploit Against SSL/TLS) was a security vulnerability discovered in September 2011. This vulnerability primarily affected the TLS (Transport Layer Security) protocol, specifically the Cipher Block Chaining (CBC) encryption mode in conjunction with the SSLv3 and TLS 1.0 protocols.

BEAST allowed an attacker to eavesdrop on and decrypt encrypted traffic between a web browser and a server. This was achieved by exploiting a weakness in the way CBC encryption was implemented in SSL/TLS.

To protect against BEAST attacks, it was recommended to upgrade to newer versions of TLS and to use alternative encryption methods that were not vulnerable to this weakness. Many web servers and browsers also implemented patches to mitigate the impact of BEAST.

 


Created 8 Months ago

Padding Oracle On Downgraded Legacy Encryption - POODLE

POODLE (Padding Oracle On Downgraded Legacy Encryption) was a security vulnerability in the SSLv3 (Secure Sockets Layer version 3) encryption protocol, discovered in October 2014. This vulnerability allowed an attacker to eavesdrop on and manipulate encrypted traffic between a web browser and a server. The attack exploited a weakness in the way SSLv3 processed blocks of encrypted data with padding. By exploiting this vulnerability, an attacker could, under certain circumstances, steal sensitive information such as cookies.

Due to the severity of the vulnerability, security experts recommended disabling the use of SSLv3 and upgrading to newer and more secure encryption protocols such as TLS (Transport Layer Security). Many web servers and browsers removed or disabled SSLv3 support to protect against POODLE attacks.

 


Created 8 Months ago

JSON Web Token - JWT

A JSON Web Token (JWT) is a compact, secure, and self-describing format for exchanging information between parties. It consists of a JSON structure that has three parts: the header, the payload, and the signature.

  1. Header: The header contains metadata about the type of the token and the signature algorithm used.

  2. Payload: The payload contains the actual claims or information carried by the token. These claims can include user data, roles, permissions, etc.

  3. Signature: The signature is used to ensure that the token has not been tampered with. It is created by signing the header, payload, and a secret key (known only to the issuer of the token).

JWTs are commonly used for authentication and authorization in web applications. For example, they can be used to authenticate users after login and grant them access to specific resources by being stored in HTTP headers or HTTP cookies and exchanged between the client and the server.


Created 8 Months ago

Common Weakness Enumeration - CWE

CWE stands for "Common Weakness Enumeration." It is a standardized list of known security vulnerabilities and weaknesses commonly found in software applications and systems. Managed and maintained by the MITRE Corporation, a nonprofit organization, CWE serves as a reference for security professionals, developers, and organizations to identify, understand, and address vulnerabilities.

CWE contains several hundred entries, each with a unique number and description, categorized into various groups, including injection flaws, cross-site scripting (XSS), authentication issues, sensitive data exposure, and cryptographic weaknesses.

It serves as a valuable tool for risk assessment, security analysis, and software development, helping developers understand and mitigate security vulnerabilities before they can be exploited. CWE is often used in conjunction with other security standards and guidelines, such as the Common Vulnerability Scoring System (CVSS) and the OWASP Top Ten.

 


Created 8 Months ago

Obfuscation

Obfuscation is a process where the source code of a program is altered to make it difficult for humans to understand while maintaining its functionality. This is often done to protect the source code from reverse engineering or to make it more compact without affecting functionality. Techniques such as renaming variables and functions, adding unnecessary code, or altering the program's structure are used. Obfuscation is commonly employed in software development, especially in the creation of commercial software products or in providing software as a service (SaaS), to protect intellectual property and make unwanted manipulation more difficult


Created 8 Months ago

Firewall

A firewall is a network security device or software that monitors and controls incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier between a trusted internal network and untrusted external networks, such as the internet, to prevent unauthorized access to or from the internal network.

Firewalls can be implemented in various forms:

  1. Network Firewall: This type of firewall is typically deployed at the perimeter of a network, such as between an organization's internal network and the internet. It examines packets of data as they pass through, filtering them based on predefined rules to allow or block traffic.

  2. Host-Based Firewall: Host-based firewalls are installed on individual computers or devices to control traffic at the device level. They provide an additional layer of defense by filtering traffic based on specific rules configured for that host.

Firewalls operate based on different filtering methods:

  • Packet Filtering: Packet-filtering firewalls examine packets of data as they pass through the network based on criteria such as source and destination IP addresses, port numbers, and protocols. They make decisions to allow or block packets based on predefined rules.

  • Stateful Inspection: Stateful inspection firewalls keep track of the state of active connections and use this information to make decisions about whether to allow or block traffic. They maintain a record of the state of connections, such as TCP handshakes, and only allow traffic that corresponds to legitimate, established connections.

  • Proxy Firewalls: Proxy firewalls act as intermediaries between clients and servers, intercepting and inspecting traffic before forwarding it to its destination. They can provide additional security by hiding the internal network's IP addresses and applying advanced security measures such as content filtering and application-layer inspection.

Firewalls are a fundamental component of network security and help protect against unauthorized access, data breaches, malware infections, and other cyber threats by enforcing access control policies and filtering potentially harmful traffic.

 


Created 8 Months ago

Intrusion Detection Systems - IDS

Intrusion Detection Systems (IDS) are security solutions designed to continuously monitor networks or computer systems and look for potential security breaches or attacks. The purpose of an Intrusion Detection System is to detect suspicious activities that may indicate an intrusion into a network or system, and subsequently trigger alerts or take actions to ensure security.

There are two main types of Intrusion Detection Systems:

  1. Network-based Intrusion Detection Systems (NIDS): These systems monitor the traffic within a network and look for anomalies or known attack patterns. They analyze packets being transmitted across the network to detect suspicious activities that may indicate an attack or security breach.

  2. Host-based Intrusion Detection Systems (HIDS): In contrast to NIDS, HIDS monitor activities on individual hosts or computers. They monitor system logs, file systems, and other system resources for signs of attacks or unusual behavior that may indicate a security breach.

An Intrusion Detection System can be either signature-based or behavior-based:

  • Signature-based IDS: These detect attacks based on pre-defined patterns or signatures of known attacks. They compare network traffic or system behavior to a database of known attack signatures and trigger an alert when matches are found.

  • Behavior-based IDS: These analyze the normal behavior of the network or system and look for deviations or anomalies that may indicate potential attacks. They operate on the principle that attacks often cause unusual activities that deviate from normal operational behavior.

Intrusion Detection Systems play a crucial role in monitoring and securing networks and computer systems by responding early to potential threats and detecting security breaches to take appropriate countermeasures.

 


Created 8 Months ago

HTTP-Amplification

HTTP Amplification is a term often used in the context of cyber attacks and internet security. It refers to a type of Distributed Denial of Service (DDoS) attack where the attacker uses HTTP requests to redirect excessive traffic to a server or website.

Essentially, the attacker exploits a variety of HTTP requests to overwhelm the server, making it inaccessible to legitimate users. This is often done by exploiting vulnerabilities in web server configurations or utilizing botnets to send a large number of requests.

The term "Amplification" refers to how the attacker "amplifies" the traffic by sending small requests, which are then responded to by the server in much larger replies. This can cause the server to expend a significant amount of resources processing these requests, rendering it unreachable for legitimate users.

To protect against HTTP Amplification attacks, web servers can be configured to limit requests or implement filters to identify and block suspicious requests. Additionally, Content Delivery Networks (CDNs) and DDoS protection services can be employed to monitor traffic and mitigate attacks before they reach the server.

 


Created 8 Months ago

Slowloris Attack

A Slowloris attack is a form of a "Low-and-Slow" attack that aims to overload a web server and prevent access to it by tying up all available connections to the server. In a Slowloris attack, the attacker sends many HTTP requests to the server, but does so extremely slowly by intentionally delaying the data transfer.

Typically, the attacker opens many connections to the server and keeps them open by sending only part of the request and then leaving the connection open by sending additional parts of the request slowly or simply not sending any further data. This way, all available connections to the server are tied up, preventing legitimate users from establishing a connection since there are no free connections available.

This attack is particularly effective against web servers that do not enforce a limited number of connections per user or IP address and rely on the server's resource availability to serve requests. However, a well-configured web server can detect and mitigate such attacks.

 


Created 8 Months ago

Denial of Service - DoS

DoS stands for "Denial of Service" and refers to a type of cyberattack where an attacker attempts to render a service, resource, or infrastructure inaccessible or non-functional by disrupting or interrupting normal operation. The main goal of a DoS attack is to deny legitimate users access to a service or resource by impairing the availability of the service.

There are various types of DoS attacks, including:

  1. Volumetric Attacks: These attacks overwhelm the target with a large volume of traffic or requests to exhaust its resources and make it unreachable. An example of a volumetric DoS attack is a Distributed Denial of Service (DDoS) attack, where attackers use a multitude of compromised devices to simultaneously flood the target with traffic.

  2. Protocol Flood Attacks: These attacks exploit vulnerabilities in network protocols to overwhelm the target's resources. An example is a SYN Flood attack, where the attacker sends a large number of TCP SYN requests without responding to them, causing the target to exhaust resources processing these requests.

  3. Application Layer Attacks: These attacks target vulnerabilities in applications or services, attempting to crash or overload them by sending specially crafted requests or payloads. An example is an HTTP Flood attack, where the attacker sends a large number of HTTP requests to a website to exhaust its resources.

The impact of DoS attacks can be significant, including service outages, disruption of business operations, financial losses, and reputational damage. Organizations implement various measures to protect against DoS attacks, including the deployment of firewalls, Intrusion Detection and Prevention Systems (IDS/IPS), load balancers, Content Delivery Networks (CDNs), and specialized DoS protection services.

 


Created 9 Months ago
Categories
Object-oriented programming 23 Applications 50 Design Patterns 20 Strategies 99 Continuous Integration - CI 2 Testing 9 Characteristic 42 Protocols 12 Communication 9 Data Structure 5 Version Control 6
PHP 49 Python 2 Ruby 1 TypeScript 2 JavaScript 15 Erlang 2 Java 3 General 3 Python 0
NoSQL 9 Relational Databases 15 Concepts 4 General 5 Data Warehouse 2 Time Series Databases 1 Data Types 1
Terraform 1 Cloud Computing 11 Server 4 Network 26 Virtualization 3 Ansible 1 Architecture 7 Characteristics 1
Cascading Style Sheets - CSS 3 Leaner Style Sheets - LESS 1 Syntactically Awesome Stylesheets - Sass 1
Attack Methods 17 Security Mechanisms 11 Organisations 1 Famous Security Loopholes 3
HTML 3 XML 4 Extensible Hypertext Markup Language - XHTML 1 Markdown 1
CSS 1
Kuenstliche Intelligenz 5
SCRUM 5 General 1 Kanban 1 Extreme Programming - XP 1 Crystal 5 Dynamic Systems Development Method - DSDM 1 Feature Driven Development - FDD 1
Applications 2
Tags
PSR-12 1 Number of entries with this tag On-Page optimization 1 Number of entries with this tag Rich Site Summary - RSS 1 Number of entries with this tag Functional Tests 9 Number of entries with this tag Breaking Changes 1 Number of entries with this tag Dead Code 2 Number of entries with this tag Selenium 1 Number of entries with this tag Content Security Policy - CSP 6 Number of entries with this tag Object Query Language - OQL 2 Number of entries with this tag Domain Driven Design - DDD 1 Number of entries with this tag Local keywords 2 Number of entries with this tag Web Development 323 Number of entries with this tag Composer Unused 1 Number of entries with this tag Bourne Again Shell - Bash 1 Number of entries with this tag Subscriber 2 Number of entries with this tag
Latest Article

Syntax

in Category

DevelopmentPrinciplesCharacteristic

Created 19 Hours 2 Minutes ago
Random Article

Hardware-API

in Category

DevelopmentPrinciplesApplications

Created 1 Year ago
Random Tech

Bitbucket

Bitbucket-Logo-blue.svg.png