Posts

Showing posts with the label Guide

How to earn some internet points on Stack Overflow

Image
Stack Overflow, the largest QA site for professional, founded by Jeff and Joel in 2008 and became an encyclopedia for everyone who work or interested in Information Technology. It became an essential part of every programmer's life. Unlike other sites, Stack Overflow focuses only on technology. Any question that are not related to technology will be closed as off topic there. Also questions to recommend some software or hardware is unacceptable by the community.

To get high reputation on Stack Overflow, you have to consider lot of things.

1. Choose your Tag(s)

Each Stack Overflow question is tagged with programming language, tools, etc. So you can watch the tags of your interest to see new questions immediately when they posted.




Choose wisely because if you answer wrongly, you may lose reputation because of down votes.

There are certain tags that have high traffic. If you choose such a tag, your earnings will be high.

2. Be a FGIW

Try to be the first answer. Being the first one to…

Introduction to XSS - Methods, Impact and Prevention

Image
When searching for hacking tutorials or reading through write ups, definitely you will come across the term XSS. In this post, I am going to explain what is XSS, what are it's impacts and how to achieve it with few examples.

XSS aka Cross Site Scripting is a vulnerability which allow the attacker to inject and execute JavaScript code on the target website. This allow attacker to log the victim details, make a phishing page, bypass csrf, get cookies and many more.

XSS is of 2 types. Stored and Reflected.

Stored XSS is the type of XSS when the user entered data is stored in the server and the displayed in any other page. For example parameters like name, place, about etc can be vulnerable to stored XSS.
That said, fields like password are stored once and never retrieved or showed in future, hence it is not vulnerable to stored XSS.

When this can be exploited?




The developer isn't validating user inputs.The developer added certain validations but they are client side only.
How to Ex…