Stored XSS: Impact, Examples, and Prevention
What Is Stored XSS (Cross Site Scripting)? XSS is an attack technique that injects malicious code into vulnerable web applications. Unlike other attacks, this technique
January 24, 2022
AppSec Blog
Application Security news, research, vulnerabilities, DevSecOps, CI/CD tooling, hacking and more
Snyk CLI Quick Guide: Installation and Common Commands
What Is Snyk CLI? Snyk is a popular security testing platform for developers. The Snyk Command Line Interface (CLI) lets you introduce Snyk functionality into
January 17, 2022
8 Great Snyk Alternatives
What is Snyk? Snyk is an application security testing tool that lets you identify and remediate vulnerabilities in open source components, proprietary source code, containers,
January 13, 2022
7 Open Source Pentesting Tools and When To Use Them
What is Pentesting and what are Pentesting tools? The goal of pentesting (penetration testing) is to detect security vulnerabilities by utilizing specific processes, tools and
January 10, 2022
XSS Attack: 3 Real Life Attacks and Code Examples
What is an XSS Attack? A cross-site scripting (XSS) attack injects malicious code into vulnerable web applications. XSS does not target the application directly. Instead,
January 10, 2022
Deserialization in Java and How Attackers Exploit It
What is deserialization in Java? Serialization in Java represents a process in which an object in the Java programming language is converted into a format
December 20, 2021
Penetration Testing Report: 6 Key Sections and 4 Best Practices
What Is a Penetration Testing Report? Penetration testing (pentesting) involves assessing the security of a system, network, or application. Although pentesters use the same techniques
December 20, 2021
Nexploit Product Update – November 2021
This blog post announces the November 2021 Update for Nexploit.We added some new features and product enhancements that will make your experience even better. Improvements
December 14, 2021
DevOps Testing: The Basics and 5 Best Practices
What Is DevOps Testing? DevOps is a methodology promoting close communication and cooperation between development and operations teams. Implementing DevOps requires adopting certain tools and
December 13, 2021
Local File Inclusion (LFI): Understanding and Preventing LFI Attacks
What is Local File Inclusion (LFI)? Local File Inclusion is an attack technique in which attackers trick a web application into either running or exposing
December 13, 2021
What is Penetration Testing as a Service (PTaaS)?
Organizations are under constant threat from a wide variety of vulnerabilities. Security professionals can be slow to identify and remediate vulnerabilities in software and IT
December 9, 2021
Application Security Testing: 3 Types and 4 Security Solutions
What is Application Security Testing? Application security testing (AST) is an umbrella term for methodologies that assist in finding and eliminating software vulnerabilities. The security
December 8, 2021
Black-Box Penetration Testing: Pros and Cons
What is Black-Box Penetration Testing? The term black-box penetration testing (pentesting) refers to external tests aimed at identifying vulnerabilities in systems, applications, or networks. Unlike
December 3, 2021
What is Persistent (Stored) XSS and How it works
What is Persistent (Stored) XSS There are several types of cross site scripting (XSS) attacks to be concerned about, however the most dangerous XSS attack
December 3, 2021
© 2021 NeuraLegion Inc. All Rights Reserved