Vulnerabilities
SOAP Security: Top Vulnerabilities and How to Prevent Them
Learn what is the purpose of SOAP APIs, how they function, the main difference between REST and SOAP APIs, and what you can do to
June 18, 2021
AppSec Blog
Uncategorized
CSRF vs XSS: What do they have in common and what is the difference
Both CSRF and XSS are client side attacks. What else do they have in common and what is the difference between them? Learn the answer
June 14, 2021
Uncategorized
CSRF tokens: What is a CSRF token and how does it work?
CSRF (Cross Site Request Forgery) tokens can be a great mechanism in preventing CSRF attacks, but what are they? How do they protect against CSRF
June 11, 2021
Updates
NexPloit Product Update – May 2021
This blog post announces the April 2021 Update for NexPloit.We added some new features and product enhancements that will make your experience even better. New
June 8, 2021
Vulnerabilities
Complete Guide to LDAP Injection: Types, Examples, and Prevention
What is LDAP Injection? Many companies use LDAP services. LDAP serves as a repository for user authentication, and also enables a single sign-on (SSO) environment.
June 2, 2021
Vulnerabilities
How DOM Based XSS Attacks work
What is DOM Based XSS? According to various research and studies, up to 50% of websites are vulnerable to DOM Based XSS vulnerabilities. Security researchers
June 2, 2021
Uncategorized
What is Penetration Testing? Process, Types, and Tools
The term penetration testing (pentesting) refers to processes, tools, and services designed and implemented for the purpose of finding security vulnerabilities. You can run a
June 1, 2021
Vulnerabilities
Cross-Site Request Forgery (CSRF): Impact, Examples, and Prevention
Cross-site Request Forgery (CSRF/XSRF), also known as Sea Surf or Session Riding is a web security vulnerability that tricks a web browser into executing an
June 1, 2021
Vulnerabilities
3 Types of SSRF Attacks and How to Prevent Them
Server-Side Request Forgery (SSRF) attacks allow an attacker to make requests to any domains through a vulnerable server. Attackers achieve this by making the server
May 29, 2021
AppSec Testing
Microservices Security: Challenges and Best Practices
Microservices have become the leading method of application development. Unfortunately, security testing has not evolved quickly enough to address the risks introduced by this mass
May 28, 2021
Vulnerabilities
Blind SQL Injection: How it Works, Examples and Prevention
What is Blind SQL Injection? Blind SQL injections (blind SQLi) occur when a web application is exposed to SQL injection, but its HTTP responses don’t
May 27, 2021
Vulnerabilities
Local File Inclusion (LFI): Understanding and Preventing LFI Attacks
What is Local File Inclusion (LFI)? Local File Inclusion is an attack technique in which attackers trick a web application into either running or exposing
May 26, 2021
AppSec Testing
Fuzzing: The Next Big Thing in Cybersecurity?
What is Fuzzing? Fuzzing is the art of automatic bug detection. The goal of fuzzing is to stress the application and cause unexpected behavior, resource
May 25, 2021
Uncategorized
Security Testing: Types, Tools, and Best Practices
What is Security Testing? Security testing checks whether software is vulnerable to cyber attacks, and tests the impact of malicious or unexpected inputs on its
May 24, 2021
Updates
NexPloit Product Update – April 2021
This blog post announces the April 2021 Update for NexPloit. We added some new features and product enhancements that will make your experience even better.
May 24, 2021
© 2021 NeuraLegion Ltd. All Rights Reserved