SQL injection is an attack in which malicious code is inserted into strings that are later passed to an instance of SQL Server for parsing and execution. Any procedure that constructs SQL statements should be reviewed for injection vulnerabilities because SQL Server will execute all syntactically valid queries that it receives. Even parameterized data can be manipulated by a skilled and determined attacker.

Hello Friends,

Today I will explain a new hacking technique known as DNN (DotNetNuke). I will show you how to hack a DNN website. Is it easy? Yes. It is easy compared to other hacking attacks such as SQL-Injection and Cross Site Scripting. I will teach you how to find your target and how to enter into the target website and upload your files.

Remote file inclusion is basically a one of the most common vulnerability found in web application. This type of vulnerability allows the Hacker or attacker to add a remote file on the web server. If the attacker gets successful in performing the attack he/she will gain access to the web server and hence can execute any command on it.

Web applications allow visitors to submit and retrieve data to/from a database over the Internet. Databases are the heart of most web applications. They hold data needed for web applications to deliver specific content to visitors and provide information to customers, suppliers etc.

SQL Injection is perhaps the most common web-application hacking technique which attempts to pass SQL commands through a web application for execution by the back-end database. The vulnerability is presented when user input is incorrectly sanitized and thereby executed.

One of the major problems with SQL is its poor security issues surrounding is the login and url strings. This tutorial is not going to go into detail on why these string work as all these details have been given in my previous article Top 10 Tricks to exploit SQL Server Systems.

Lot´s of people complain that Web Proxys are not working at their Works / Schools computer because they have been banned by administrators. A way around this would be to setup your very own proxy server that is being hosted a) by a free web hosting service that supports either php or cgi or b) your own website that is being hosted by a web hosting company.

This article is intended to be an almost complete guide to cracking and protecting websites which utilize the .htaccess/.htpasswd method for controlling access to data. it’s not intended to be a how-to guide for hacking websites. if you’re looking for a simple howto and not interested in reading in-depth information, then this isn’t the text for you.
I m considering writing a series of guides which for now I m calling “Hungry Hackers Guide”. i do have my malicious streaks (mainly on my own stuff though, I enjoy breaking my own …

Here is a list of the Top 5 Port Scanners.
1. Nmap
A versatile port scanner , has got lot of scanning options. Can perform a variety of scan (syn , fin ,ack etc.)
Not very fast but is very accurate
also can detect host OS
2. Superscan -
Fastest port scanner i’v seen
Can scan tcp/udp ports . also has many network utilities like ping ,tracerouts, whois etc.
3 Angry Ip Scanner
Angry IP Scanner can perform basic host discovery and port scans on Windows. Its binary file size is very …