PHP Best Practices That You Must Know

Security is always an important topic in any field. Web application security is not a different matter. In 2019, web application security becomes so important that common people who use the internet on a daily basis should have at least some basic knowledge about it.

In this post, I will discuss the facts that make web application security as an important and vital topic of interest in 2019. After completely reading this post, you will be able to know why you would care for it in 2019, what are the different impacts of it and finally what are the most common threats to web application security. Read the complete article here.

SQL injection is a common attack technique used to attack a web application. In this post, you will know different types of SQL injection attack in depth.

After completely reading this post about SQL injection, you will have a clear concept about it in-depth. Read the complete post here.

In order to understand SQL injection step by step, this article provides a set of practical examples, so that you won't find it difficult to understand SQL injection step by step with example. Read the complete article here.

This post is the final part of sql injection series. Read the complete article here.

Code injection is a technique used by attacker to inject server-side code from outside so that it can be evaluated by the corresponding server-side technology.

Code injection allows an attacker to compromise database, security, it is also possible to steal data, bypass access and authentication control. This vulnerability can be easy to find or sometimes it may be harder to find. If it sounds interesting to you, read complete article here.

Command injection is a technique used by the attacker to attack a server via it's operating system commands. This type of attack took place when the web application is utilizing system commands to provide some sort of functionality to a web application. If you find command injection interesting, read the complete article here.

In a Cross-site Scripting attack, also known as xss, client-side code is injected into the output of a web page, in form of a html attribute, and executed within the user’s browser. The impact of successful exploitation varies. If it sounds interesting, read the complete article here.

Learn cross site scripting attack with a practical example. Click here to read the complete article.

Cross Site Request Forgery (also known as CSRF) is a web application vulnerability in which attacker's website forces victim's browser to send malicious requests to the vulnerable website in which the victim is currently authenticated.

To perform Cross Site Request Forgery attack, attacker tricks a logged-in user by using social-engineering techniques to perform some tasks on behalf of the user without their knowledge. If it sounds interesting to you, click here to read more.

Learn how you can actually apply object-oriented programming principles in PHP. Read the complete article here.

Learn the web programming basics in simple plain English. Every web developer must know these fundamental concepts. Know these concepts by reading the complete article here.

Broken authentication happens due to poor implementation of authentication and session management.It is one of the most common type of OWASP vulnerability. Read the in-depth article about broken authentication here.

Sensitive data exposure vulnerabilities may occur due to the negligence of protecting sensitive information from being disclosed to attackers. Read the complete article about sensitive data exposure here.

Security misconfiguration is the #6 vulnerability on OWASP's list of top ten most common vulnerabilities.It includes broad category of configuration issues. Read the complete article about security misconfiguration here.

XML External Entity injection attack allows an attacker to perform reading local files on server, it is mainly based on server side request forgery(SSRF). Read the complete article about XML External Entity injection attack here.

Components with known vulnerabilities is one of the top 10 OWASP vulnerability. It could compromise the security of system using 3rd party softwares. Read the complete article about Components with known vulnerabilities here.