Cross-Site Scripting (XSS) is a prevalent web security vulnerability that attackers exploit to inject malicious scripts into seemingly legitimate websites. These scripts then execute within the victim’s browser, potentially compromising their data, hijacking sessions, or even redirecting them to malicious websites.
XSS Room
Answers for this room
1)I completed the Intro to cross site…
NoSQL Injection is a security issue that affects NoSQL databases. It’s similar to SQL Injection but targets NoSQL databases like MongoDB, CouchDB, Cassandra, and Redis. Here’s a simplified explanation of how it works and how to prevent it
What is NoSQL Injection?
NoSQL Injection happens when a hacker manipulates the input fields of a web application to inject malicious data into…
Insecure deserialization occurs when an application trusts serialized data without proper validation. Serialization is the process of converting an object (data structure) into a byte stream for storage or transmission. Deserialization reverses this process, reconstructing the object from the byte stream. Insecure deserialization arises when this deserialization process happens without validating…
SQL injection remains one of web applications’ most severe and widespread security vulnerabilities. This threat arises when an attacker exploits a web application’s ability to execute arbitrary SQL queries, leading to unauthorised access to the database, data exfiltration, data manipulation, or even complete control over the application. In this room, we will understand…
The Eviction Room is a beginner friendly room on TryHackMe that delves into the world of Advanced Persistent Threat (APT) groups and their tactics, techniques, and procedures. By exploring real-world scenarios and case studies, you’ve gained valuable insights into the cyber threat landscape.
Eviction Room
APT28(G0007)
Answers for this room
1).What is a technique used by the…