Skip to content

CISSP Made Easy

"I believe that the best way to truly understand something is to explain it clearly enough that someone else can understand it too. Writing has always been, for me, both a learning tool and a giving back." — Rashid Siddiqui

Home
Contact
CISSP
FlowSpec
Network Attacks
VPN
Arbor
LinkedIn

Tag: Injection

OS Commanding Attacks: Injecting System Commands Through Web Applications

May 14, 2026

OS Commanding attacks inject operating system commands through unsanitised web application input, executing them with the web server’s privileges. … More OS Commanding Attacks: Injecting System Commands Through Web Applications

Leave a comment OS Commanding Attacks: Injecting System Commands Through Web Applications

XPath Injection Attacks: SQL Injection’s XML Counterpart

May 14, 2026

XPath Injection mirrors SQL Injection but targets XML databases. Unlike SQL, XPath has no ACLs — a successful injection can return the entire XML document. … More XPath Injection Attacks: SQL Injection’s XML Counterpart

Leave a comment XPath Injection Attacks: SQL Injection’s XML Counterpart

Authors

Rashid Siddiqui

Search Items

Category Cloud

AAISM AI AI Security Arbor CCSP CISSP Computer Security cybersecurity Cybersecurity Leadership DDoS DevSecOps FlowSpec GRC and Compliance IAM information-security IT Juniper MX Maths Network Attacks News ransomware Risk Management Supply Chain Security Threat Intelligence VPN Vulnerability Management Windows

Understanding the Bell-LaPadula Model for Secure Computing SystemsJune 15, 2024Rashid Siddiqui

Privilege Escalation: How Attackers Gain Unauthorised System ControlMay 14, 2026Rashid Siddiqui

CCSP Final Notes - Before Passing the ExamFebruary 16, 2022Rashid Siddiqui

AAISM Access Control AI AI governance Arbor artificial-intelligence Attack Authentication CCSP CISO CISSP cloud-security crypto cryptography cyber-security cybersecurity DDoS Defence education Email Security encryption FlowSpec information-security Injection Log4j Log4shell malware Matrix microsoft Network Attacks Network Security NIST CSF patch management Protocol ransomware Reconnaissance Risk Management security SMTP Social Engineering SQL Injection technology User Awareness VPN Web Security

Recent Posts

CISSP Interactive Navigation - Complete Interactive Study Guide (All 8 Domains) - Master every CISSP domain with visual models, formula drills, and 160 scenario-based practice questions by a working CISSP professional
Privilege Escalation: How Attackers Gain Unauthorised System Control
Zero-Day Attacks: What They Are and How to Defend Against Them
Brute Force Attacks: How Attackers Crack Passwords and How to Stop Them
Directory Indexing Attacks: When Your Web Server Reveals Too Much

Categories

AAISM (1)
AI (1)
AI Security (3)
Arbor (2)
CCSP (17)
CISSP (52)
Computer Security (7)
cybersecurity (1)
Cybersecurity Leadership (5)
DDoS (2)
DevSecOps (2)
FlowSpec (3)
GRC and Compliance (4)
IAM (1)
information-security (21)
IT (26)
Juniper MX (1)
Maths (1)
Network Attacks (4)
News (2)
ransomware (2)
Risk Management (6)
Supply Chain Security (1)
Threat Intelligence (5)
VPN (2)
Vulnerability Management (2)
Windows (2)

Topics

May 2026
April 2026
March 2026
August 2024
July 2024
June 2024
May 2024
February 2024
January 2024
November 2023
April 2023
August 2022
July 2022
May 2022
March 2022
February 2022
January 2022
December 2021
November 2019
March 2019
February 2019
May 2012

Blog Stats

52,636 hits

Translate

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Email Address:

Join 21 other subscribers

Qué es el Framework AAA: La Fortificación Invisible de tu Ciberseguridad on Understanding AAA: Authentication, Authorization, and AccountingJuly 16, 2025
[…] una comprensión precisa de AAA, es esencial […]
In-Depth Explanation of CISSP Domains – Computer Training Virginia on Domain3: Understanding Security Architecture and Engineering in CISSPJanuary 20, 2025
[…] Domain3: Understanding Security Architecture and Engineering in CISSP […]
Creating an Effective CISSP Study Plan – Computer Training Virginia on How i passed CISSP - A Minimalistic Approach to SuccessJanuary 20, 2025
[…] How i passed CISSP – A Minimalistic Approach to Success […]
The CIA Triad: Confidentiality, Integrity, and Availability, Day 2 Cybersecurity Training on Understanding CIA and Its Universe: A Deep Dive into Information SecurityJanuary 18, 2025
[…] for privacy. Weak passwords cause about 60% of breaches, showing the need for better security7. Using multi-factor authentication can…
Rashid Siddiqui on CCSP Final Notes - Before Passing the ExamAugust 12, 2024
Thanks Mansi, happy to know you liked it. I believe you from Infosectrain team. Wish you best for the team…

Blog at WordPress.com.