@@cybersec-radar Sir, can you please elaborate difference between client versus server-side vulnerabilities? Client-side and server side things are quite easy to understand in web or app development, but when it would come to pentesting, I can't clearly differentiate between frontendside and serverside vulnerabilites. Here things become quite complex as a frontend vulnerability can often lead to leak data from server side (with or without victim-user future actions) and vice-versa. Tell me if I am wrong. If I am right, please tell me which client side vulnerabilities can lead to leaking data from server (from both with and without victim-user future actions) ?
Data leakage/Disclosure of information is possible in both case but that depends on which kind of data is that and how it is retrieved and exfiltrated. When you feed/serve something malicious to the server through your inputs or some other ways and those inputs are processed by server its server-side like sqli because that injected syntax is processed by the server to fetch data from database server. So you basically play around server’s ability and when i say server means the backend code or logics a developer wrote.
On the contrary in client side we basically server malicious code/scripts that is executed on the user browser for example stealing cookies/creds through XSS.
one more thing frontend attacks are client side attacks but these two terms have different meanings. If you are a client, Client side means something under your possession like your browser from where you request a service and response rendered on it.
13:23 your videos and explanations are just amazing. Thankyou so much keep going.
Glad you like them!
First to watch. Thanks for listening to our requests
Any time!
@@cybersec-radar Sir, can you please elaborate difference between client versus server-side vulnerabilities? Client-side and server side things are quite easy to understand in web or app development, but when it would come to pentesting, I can't clearly differentiate between frontendside and serverside vulnerabilites. Here things become quite complex as a frontend vulnerability can often lead to leak data from server side (with or without victim-user future actions) and vice-versa. Tell me if I am wrong. If I am right, please tell me which client side vulnerabilities can lead to leaking data from server (from both with and without victim-user future actions) ?
Data leakage/Disclosure of information is possible in both case but that depends on which kind of data is that and how it is retrieved and exfiltrated. When you feed/serve something malicious to the server through your inputs or some other ways and those inputs are processed by server its server-side like sqli because that injected syntax is processed by the server to fetch data from database server. So you basically play around server’s ability and when i say server means the backend code or logics a developer wrote.
On the contrary in client side we basically server malicious code/scripts that is executed on the user browser for example stealing cookies/creds through XSS.
one more thing frontend attacks are client side attacks but these two terms have different meanings. If you are a client, Client side means something under your possession like your browser from where you request a service and response rendered on it.
Love it!!!!!!!!!!!!
Thanx…