
Simple Overview About XSS?


What is XSS?

XSS means Cross-Site Scripting.

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.

Cross-site Scripting (XSS) refers to a client-side code injection attack wherein an attacker can execute malicious scripts (also commonly referred to as a malicious payload) in a legitimate website or web application. XSS is amongst the most rampant of web application vulnerabilities and occurs when a web application makes use of unvalidated or unencoded user input within the output it generates.

By leveraging XSS, an attacker does not target a victim directly. Instead, an attacker would exploit a vulnerability within a website or web application that the victim would visit, essentially using the vulnerable website as a vehicle to deliver a malicious script to the victim’s browser.

Step-By-Step walkthrough of a simple XSS attack:

The following pseudo-code is used to display the most recent comment on a web page.

print "<html>"
print "<h1>Most recent comment</h1>"
print database.latestComment
print "</html>"
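
An added example, not part of the original article: the pseudo-code above as runnable Python, beside a version that HTML-encodes the comment before writing it into the page. The function names and the sample comment are constructed for illustration; the check parses each rendered page and reports any element the template itself never emits.

```python
import html
from html.parser import HTMLParser

# Constructed sample input: a stored comment that contains markup.
SAMPLE_COMMENT = "Nice post! <script>/* constructed test markup */</script>"


def render_unsafe(latest_comment: str) -> str:
    """Mirrors the pseudo-code: the comment is written out unencoded."""
    return "<html><h1>Most recent comment</h1>" + latest_comment + "</html>"


def render_encoded(latest_comment: str) -> str:
    """Same page, with the comment HTML-encoded for an element-body context."""
    return ("<html><h1>Most recent comment</h1><p>"
            + html.escape(latest_comment, quote=True) + "</p></html>")


class _TagCollector(HTMLParser):
    """Records every start tag an HTML parser sees in the rendered page."""

    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)


def elements_in(page: str) -> list:
    collector = _TagCollector()
    collector.feed(page)
    collector.close()
    return collector.tags


def unexpected_elements(page: str, allowed=("html", "h1", "p")) -> list:
    """Elements the template never emits; any hit means input became markup."""
    return [tag for tag in elements_in(page) if tag not in allowed]


if __name__ == "__main__":
    print(unexpected_elements(render_unsafe(SAMPLE_COMMENT)))
    print(unexpected_elements(render_encoded(SAMPLE_COMMENT)))
```

`html.escape` covers the element-body context used here; values placed into attributes, URLs or inline script need the encoding appropriate to that context.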


posted Dec 28, 2016 by Manish Tiwari

nice and good

