What Is LDAP? LDAP stands for Lightweight Direction Access Protocol. LDAP is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. Directory services like LDAP provide application accessible repositories for information about users, credentials, […]
Detecting LDAP Injection If you are not already familiar with the concept of LDAP Injection, we suggest that you review the article entitled “What Is LDAP Injection ?“. You should consider testing for LDAP Injection anytime that user supplied input is […]
Preventing LDAP Injection If you are not already familiar with the concept of LDAP Injection, please review the article entitled “What Is LDAP Injection ?“. To learn more about how to detect LDAP Injection vulnerabilities, please see the article entitled […]
Testing For Insecure Cryptographic Storage If you are not already familiar with the concept of Insecure Cryptographic Storage, please see the article entitled “What Is Insecure Cryptographic Storage“. Note that you do not really “test” for this vulnerability, as it […]
What Is Insecure Cryptographic Storage? Applications that process sensitive information are responsible for protecting it. One of the OWASP Top 10 vulnerabilities is a category entitled “Insecure Cryptographic Storage”, and it refers to the failure of an application to protect […]
