security.md

1. What is a CSRF attack? How does it use HTTP requests? And why do we call it the one-click attack?
2. What is an XSS attack? And what is the connection between it and cookies/sessions? And what are the two main categories of XSS?
3. What is SQL injection? and what is the attacker’s intention from it?
4. Consider the below SQL command, where is the vulnerability? think about some ways an attacker can misuse it:

const { username, password } = req.body
let strQry = `SELECT Count(*) FROM Users WHERE username=${username} AND password=${password}`;

5. What does End-to-End encryption means? Share an example of an well-known app using E2EE, how is that app using it?

Room 11 , Pasand Yaba , Hana Abdulla , Ahmed Sabah , Muhammed Sabah , Ali Izaddin

1- A CSRF (Cross-Site Request Forgery) attack is a type of security exploit where an attacker tricks a user into unintentionally performing actions on a web application in which the user is authenticated. The attacker accomplishes this by embedding malicious code in a link or website visited by the user. When the user clicks the link or visits the website, their browser sends unauthorized requests to the target web application, which processes them as if they were legitimate actions by the user. CSRF attacks use HTTP requests to execute actions on the target application, such as transferring funds or changing account settings. They are often referred to as "one-click attacks" because they can be triggered with just one click by the user, without their knowledge.
2- XSS attacks involve injecting malicious scripts into web pages to steal sensitive information like cookies or session tokens from the user , Stored XSS (persistent) and Reflected XSS. Developers can prevent XSS by sanitizing input and using security measures like Content Security Policy (CSP).

3- SQL injection is when a sneaky hacker tricks a website into running bad commands. For example, imagine a website with a search bar. If the website is not well protected, the hacker could type something like this into the search bar: '; DROP TABLE users; -- :
4- user name = " or ""="
password = " or ""="
5- End-to-end encryption (E2EE) ensures that only the communicating users can read messages by encrypting data on the sender's device and decrypting it on the recipient's device, with no intermediary access. Signal is an example of an app using E2EE, where users' devices generate cryptographic keys for secure messaging. Messages are encrypted with the recipient's public key and decrypted with their private key, ensuring privacy and security. Signal's implementation of E2EE safeguards communications from eavesdropping and surveillance, making it highly secure.

Ahmed Isam , Mawj M Basheer , Ahmad Qarany, Dilan M Ahmed.

1. it is Cross Site Request Forgery which attackers will use to trick the web browser user to perform actions and providing sensitive data and information to the cloned webpage and the data will be stolen . The reason we call it one click attack is that the user is just one click away from giving up the sensitive information like email and passwords or bank card PIN number.

2. XSS is the cross site scripting cyber attack in which scripts have been injected by hackkers into web pages browsed by the users. the scripts that being added will be able to sensitive information, manipulate, or sending the user to other cloned websites.the cookies and session tokens might hold authentication information like passcodes and they can be obtained through injecting scripts.there are two main categories of XSS , which are Reflected XSS and Stored XSS. Reflected XSS is a script being adedd that can be executed in the attacked user browser this category of XSS will involve the tricks that user might fall for and cliick on the script triggers. the Stored XSS on the other hand is more about permenantly stored scripts that injected into the targeted server, for example a database for a web application that a user has an account for log in into.

3. it is another type of cyber attack in which the attacker will put some SQL code into the INPUT fileds of a web app in order to control and manipulate the APP database. from this type of attack, the attacker can get delete and add data from the database and passcodes or execute commands on the server .

4. the attacker can inject a query inside the username or password and manipulate the data. the attacker can do such a thing through having the direct explicit username and passowrd in the input field. Therefore, the attacker can run its script into the database server and get what it is attacked for initially .

5. The data will be encrypted from the sender and only the recipient can de-coded by their side only. for example WhatsApp or telegram their chats are E2EE .