Web Application Security Zone by Netsparker

Content Security Policy (CSP) Standard Explained

Category: Web Security Readings - Last Updated: Fri, 11 Nov 2016 - by Sven Morgenroth

This article explains how the Content Security Policy security standard works and how it can be used by web developers when developing web applications to avoid cross-site scripting, clickjacking, protocol downgrading and other vulnerabilities web applications are typically susceptible to.

Local File Inclusion Vulnerability

Category: Web Security Readings - Last Updated: Wed, 31 Aug 2016 - by Robert Abela

This introductory article explains how the Local File Inclusion vulnerability works, how attackers can exploit it on vulnerable web applications, and also recommends development best practices to prevent it.

Command Injection Vulnerability

Category: Web Security Readings - Last Updated: Fri, 25 Nov 2016 - by Sven Morgenroth

This article explains what the command injection vulnerability is, how it works (how malicious hackers can exploit it), and how to ensure your web applications are not vulnerable to it.