Security

Table of Contents

Introduction

Threats

Cross-Site Scripting (XSS)

Counter measures

Man-in-the-middle

Exploits

DLL hijacking (aka binary planting)

Legitimate DLLs are superseded by malicious versions placed at the top levels of the DLL search path, so the malicious copy is found and loaded first. (See stackoverflow.com.)

Example attacks:

Cross-Site Request Forgery

The user's session cookie is misused to perform actions on the user's behalf.

Counter measures:

Best practices

Code quality

Data encryption for transmission

Never trust user input

System configuration

Firewalls

Data encryption for storage

Read security newsletters

Network security

Application security
