-
What is BOLA: Broken Object Level Authorization Vulnerability
In this guide, we’ll learn what Broken Object Level Authorization is, how it can be exploited, real-world examples with vulnerable and secure code, and best practices for protecting APIs from unauthorized access. What is Broken Object Level Authorization (BOLA)? Broken Object Level Authorization (BOLA) is a security vulnerability where an application allows users to access…
-
What is PMKID Attack on Wi-Fi Networks?
This ethical hacking guide explains what a PMKID attack is, how it works, the tools used and how to prevent such attacks on Wi-Fi networks in cyber security. Understanding PMKID PMKID stands for Pairwise Master Key Identifier. It is a component in the process of establishing a secure connection in Wi-Fi networks, particularly those using…
-
Credential Stuffing vs Password Spraying
This ethical hacking guide explores the differences between credential stuffing and password spraying attacks along with their prevention in cyber security. What is Credential Stuffing? Credential stuffing is a type of cyber attack where attackers use lists of compromised usernames and passwords from previous data breaches to gain unauthorized access to user accounts on different…
-
Sidejacking: Attack, Example and Prevention
This ethical hacking guide explains what sidejacking is, how session sidejacking works, an example of sidejacking attack, and its prevention in cyber security. What is Sidejacking? Sidejacking is a type of session hijacking attack that involves sniffing network traffic to find and capture session tokens, which are often transmitted insecurely. This attack uses unencrypted communications…
-
HTML Smuggling: Attack, Example and Prevention
This guide explains what HTML Smuggling is, how it works, types of attacks, POC example, detection, prevention and mitigation techniques in cyber security. What is HTML Smuggling? HTML Smuggling is a technique used to bypass security mechanisms by embedding malicious payloads within HTML or JavaScript code, allowing the transfer of unauthorized files to a user’s…
-
Shellbags Analysis in Windows Forensics
This guide explains what shellbags are, their importance in Windows forensics investigations, and the shellbag analysis process with tools and case studies. What are Shellbags? Shellbags are a forensic artifact found in the Microsoft Windows operating system. They are essentially Windows Registry keys that store information about the appearance and behavior of Windows Explorer when…