Govind

3 Articles Published

Articles by Govind

Broken User Authentication

Govind
Updated on 25-Aug-2022 545 Views

What is broken user authentication? Poor implementation of API authentication allows attackers to predict other users' identities. In more general terms, broken user authentication occurs when an API has an authentication system that does not work, or when the implemented authentication system fails in some cases, allowing an attacker to pose as an authenticated user. The weaknesses mentioned above fall into two groups, namely poor credential management and poor session management. A. Poor credential management Victim credentials can be collected to gain access to the system. There are various ways that the ...

Broken Object-Level Authorization

Govind
Updated on 25-Aug-2022 568 Views

What is Broken Object-Level Authorization? Broken object-level authorization (BOLA) is also known as insecure direct object reference (IDOR). This issue occurs when the server does not properly verify whether the currently authorized user, or an unauthorized user, is reading, updating or deleting an object to which they do not have rights. Types of Broken Object Level Authorization (BOLA) There are mainly 2 types of BOLA. They can be carried out when either a userID or an objectID is passed to the server; we will look into both. Based on User ID If a userID is passing ...

Types of Application Programming Interface (API) and their Security vulnerabilities.

Govind
Updated on 25-Aug-2022 1K+ Views

What Is an Application Programming Interface? API is the acronym for Application Programming Interface. An API is a set of defined rules that explain how computers or applications communicate with one another. APIs are implemented between an application and a web server, acting as an intermediary layer that processes data transfer between systems. Types of APIs There are four main types of APIs. Open APIs − Open-source application programming interfaces. Also known as public APIs, there are no restrictions on access to these types of APIs because they are publicly available. Open APIs can be accessed by any developer. Partner APIs − This API exposed ...
