Someone on Quora asked:
Hacking at its most simple consists of knowing what vulnerabilities to test for in an application deployment.
Vulnerabilities can happen at multiple levels, not just at the application level. If you are already confident that your own account is secure from most forms of hacking (not just SQL injection, but also brute force attacks, username/password enumeration, cross-site scripting, man-in-the-middle attacks, etc.), then the next step is making sure your deployment is secure. Check for out-of-date web server/container versions, known vulnerabilities in the deployed versions, exposed ports, exposed admin URLs, that kind of thing.