Get a Pentest and security assessment of your IT network.

News

LDAP Injection Prevention

LDAP Injection is an attack used to exploit web based applications that construct LDAP statements based on user input. The main way LDAP stores names is based on DN (distinguished name) These are sometimes used to access resources, like a username. The proper escaping depends on whether you are sanitizing input for a search filter, or you are using a DN as a username-like credential for accessing some resource. Use a framework (like LINQtoLDAP that escapes automatically)”]

Source: https://cheatsheetseries.owasp.org/cheatsheets/LDAP_Injection_Prevention_Cheat_Sheet.html

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

BlackEnergy exploits recently fixed flaws in Siemens WinCC

News

Google Chrome will block code injection from third-party software within 14 months