Java Vulnerable Lab – Learn to Hack and Secure Java-based Web Applications

We (Cyber Security and Privacy Foundation) have developed a vulnerable Java-based web application. This app is intended for Java programmers and other people who wish to learn about web application vulnerabilities and write secure code. The full course on Hacking and Securing Web Java Programs is available in Warning: Don’t run […]

Complete Cross Site Scripting (XSS) Cheat Sheets: Part 1

We are producing this XSS cheat sheet after collecting the codes from hackers’ techniques and different sites especially . This is a complete list of XSS cheat codes which will help you to test for XSS vulnerabilities and is useful for bypassing filters. If you have any different cheat codes, please send your code. Basic XSS […]

Complete Cross Site Scripting (XSS) Guide: Web Application Pen Testing

Hello BTS readers, here is a complete series that explains everything about cross-site scripting. More articles are on the way, so stay tuned to BreakTheSec! Link to tutorials: Cross Site Scripting (XSS) Basics; DOM Based XSS Attack; XSS Filter Bypass Techniques; Self-XSS (Cross Site Scripting): Social Engineering Attack and Prevention; XSS Cheat Sheet; XSS Attacks Examples […]

Introduction to Vulnerability Assessment

What is Vulnerability Assessment? Vulnerability assessment is the process that identifies and classifies the vulnerabilities in a system. Vulnerability assessments are performed on various systems, such as IT systems, nuclear power plants, water supply systems, etc. Vulnerability from the perspective of disaster management means assessing the threats from potential hazards to the population and to infrastructure. It may […]

Self-XSS (Cross Site Scripting) ~ Social Engineering Attack and Prevention

Last time, we explained the Clickjacking attack and its prevention. Today, I am going to explain the Self-XSS (Cross Site Scripting) attack. What is Self-XSS? Self-XSS is one of the popular social engineering attacks used by attackers to trick users into pasting malicious code into their browser. This results in the attacker gaining access to the […]