Web application Vulnerabilities.

Even though most of the exploits used in the low setting of the Damn Vulnerable Web Application (DNWA) should be known to web developers, they are commonly spread across the web. DNWA is developed for students and web developers to get a better understanding of application security by hacking away at their arsenal of vulnerabilities. So, here is my try at sql injection and reflected scripting attacks!

After Lab review

The application I am experimenting with in this lab is made to be tampered with, and several exploits are built in by design. Especially playing around at the low setting would be considered trivial in the security industry, and any business that exposes risks like these does not take their security seriously. I learned how easy it is to take advantage of such exploits, simply by using a website's own search field.