SOP,CORS,XSS,CSRF Software Vulnerability

These flashcards cover key terms and concepts related to software vulnerabilities including security policies and common web vulnerabilities.

Same-Origin Policy (SOP)

A security mechanism that restricts how documents or scripts loaded from one origin can interact with resources from another origin.

Cross-Origin Resource Sharing (CORS)

A mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served.

XSS (Cross-Site Scripting)

A vulnerability that allows attackers to inject malicious scripts into content from otherwise trusted websites.

CSRF (Cross-Site Request Forgery)

An attack that tricks the user’s browser into sending a request to a different site that a user is authenticated against.

SQL Injection

An attack that allows an attacker to interfere with the queries that an application makes to its database.

Attack Surface

The total sum of the different points (attack vectors) in a given computing device or network that are accessible to an unauthorized user.

Input Attack

Exploitation that occurs through areas where user input can be sent to the server, such as query parameters, forms, or cookies.

Cookie Theft

An attack where an attacker exploits vulnerabilities to steal cookies, allowing unauthorized access to the user's session.

Metasploit

A penetration testing framework that allows security professionals to find vulnerabilities in their systems.

OWASP

Open Web Application Security Project, an organization dedicated to identifying and combating the most prevalent web security risks.