Hackers have an attractive world and the number of hackers as well as the variety of methods they use in order to hack, is increasing every day, so users are more and more concerned about maintaining their security, so it is necessary to learn new methods in order to be able to withstand every threat, it is also necessary to be able to stand up to hackers with more power by raising your level of awareness about the types of hacking attacks and their differences, in all methods, hackers with great knowledge and talent steal information from various users, for example, they may enter malicious code to different websites in order to achieve their goal, in this article, we will discuss the differences between XSS and CSRF , both of which are popular attacks which many hackers use in order to gain access to users' information.
What is XSS?
XSS, which stands for Cross-Site Scripting , is actually an attack that uses malicious code, in XSS, the hacker aims to execute malicious scripts in a target web browser, by placing malicious code on a web page, the important point about these attacks is that they are more common in javaScript , simply put, in this method, hackers steal the information of people who visit a site, and sometimes the users do not notice the theft, and the hackers can easily get what they want.The way that this attack works is that after users visit a site or when they click on a link, a code which was placed there by hackers is activated, and this code can eventually provide hackers with important information of the user's system, so that they can achieve their desires through this kind of malicious code, therefore, when a website is not secure enough against such attacks, users who visit this site will easily lose their information and they definitely won’t visit your website again, so the number of your website visitors will be decreased in order to the lack of security and privacy.This attack has different types which are: Stored XSS (Persistent XSS, DOM-based XSS), Reflected XSS (Non-persistent XSS), etc., each of which has its own characteristics, generally, in addition to these attacks, users need to take all the issues that may harm the security of various systems seriously and make every effort to be able to withstand these attacks, these types of attacks can turn sites that seem to be credible into highly malicious sites that destroy system security.
What is CSRF?
One of the most dangerous attacks that can be carried out by various hackers is Cross Site Request Forgery , as a result of CSRF attacks, hackers can access and modify the information of different users and use it in order to achieve their desires, through this attack, the hackers deceive you by using various methods, and finally, you submit requests that you do not intend to, as a result, they can achieve their goal easily.In this attack, a site which is known as a valid website can cause serious harm to the users’ systems, through which an unwanted action is performed that the user may not even notice, one of the reasons why this attack is considered as a dangerous attack is that the users may not be aware that the hackers have gained access to their information, and another reason is that many websites are not able to protect their users against such attack, therefore, these two reasons can be the causes for various site owners and users concern.As we mentioned, in this method, the hackers force the users to do what they do not intend to do, for example, imagine that you want to do online shopping and when you want to pay for it, the hackers eventually cause you to transfer this money to their account with the help of social engineering methods and other techniques, but there are many ways which you can use in order to increase the security of your systems and sites against this type of attack and prevent various hackers from achieving their sinister goal, some of which are going to mention below.
Read more on:https://www.dotnek.com/Blog/Security/what-is-the-difference-between-xss-and-csrf
link:https://dotnek.mystrikingly.com/
Related link:Vývoj pre Android
:: برچسبها:
dotnek ,
seo ,
site ,
:: بازدید از این مطلب : 82
|
امتیاز مطلب : 0
|
تعداد امتیازدهندگان : 0
|
مجموع امتیاز : 0