Відео

While manual exploration can lead to more thorough and context-aware testing, automated scanning is valuable for its speed and efficiency, especially in larger applications. A combination of both approaches is often the most effective strategy. Start with an automated scan to identify common issues, then follow up with manual exploration to dive deeper into complex areas and validate findings. This hybrid approach maximizes coverage while minimizing the chances of overlooking vulnerabilities. Thank You.

@@SanQAMastery thanks

Focus on resolving high and confidential risks first, evaluate medium risks based on your application's context, and monitor low risks without immediate action unless they become more significant over time. Thank You.

Thanks

Jmeteril korach doubt,undaayirunnu,. Contact no. tharumooo

HTTP response codes you encounter have different implications: 200 OK: This means the request was successful and the server returned the requested resource. It generally indicates that the resource is accessible, but it doesn't directly indicate vulnerability. If it's exposed sensitive data, then it's vulnerable. 302 Found (Redirect): This indicates that the requested resource has been temporarily moved to a different URI. This could be normal behavior (such as redirecting users to a login page), but it might also require further investigation to ensure it’s not part of a redirect chain that could reveal sensitive information or lead to a vulnerable endpoint. 404 Not Found: This means the requested resource could not be found on the server. While a 404 itself doesn’t indicate a vulnerability, it could be useful to identify hidden paths or resources that might not be properly protected or could be used to infer the structure of the application. 500 Internal Server Error: This indicates a server-side error. A 500 error generally means something has gone wrong on the server, and it could be due to a vulnerability or misconfiguration. Persistent 500 errors when accessing various endpoints might suggest potential issues that need further examination. In summary, while none of these codes directly indicate a vulnerability by themselves, they can be part of a broader analysis. A 500 error is particularly noteworthy as it suggests potential issues on the server side. A thorough investigation of the responses and their contexts, including further testing and analysis, would be necessary to identify actual vulnerabilities. Thank you.

Reflected status alone doesn’t confirm SQL injection vulnerability, but it is a signal that you should investigate further. Manual testing and reviewing how inputs are handled in your application code are crucial steps in determining if your application is indeed vulnerable to SQL injection. Look for detailed error messages or behavior changes that indicate SQL injection. For instance, if your application exposes database errors, that could be a sign. If it displays a message such as 'Invalid credentials,' then there is no issue. In this case also the status should be Reflected. Thank You.

You can use ZAP features like Spidering, Active Scanning, Forced Browsing, and Fuzzing to find hidden endpoints and parameters for SQLi, XSS, hidden files/directories. I have created videos on how to perform these actions in this playlist. Please check it out. In the Active Scan, the following features can detect LFI, RFI, RCE, CSTI, and SSTI injections. I'll check to see if I can add more detailed videos on this topic. Thank You.

It's important to emphasize that unauthorized access to systems and exploiting vulnerabilities without permission is illegal and unethical. The information provided here is for educational purposes only, aimed at understanding security practices and improving defenses. I have made a video on how to perform SQL injection and XSS. You can find it at the link below. ua-cam.com/video/bPXVNo6c10c/v-deo.html Thank You.

Glad to hear that

Thank you! Cheers!

Glad to hear that

Thank you

Thanks

Thank you for your valuable comment...Will do more videos. Please Like and Subscribe.