Most of the time folks find it really difficult to test web services. It is because we don't have proper knowledge of web services. Before any testing it is important to understand the system, we should know what can be the positive and negative sides of the technology and implementations of that application. Lets dive into the depth of web service testing. To provide a better security solution to the web service we should have a brief understanding of web services, their architectural styles, their constraints and their characteristics that are responsible for their strength as well as weakness.
Our world would have been exponentially more peaceful if there was no fear of theft. We would’ve left our doors open but still enjoyed our privacy and security. Unfortunately looking at the current scenario, that’s a rather impossible fiasco. And hence the need for doors and locks.
A similar case is applicable for the digital world where we have to assure complete data security. The simplest yet most important way to protect ones data even today remains with the use of passwords and robust access management systems.
How many times you feel affronted while reading those stupid numbers or words and re-entering it just to prove that you are a human. We call them CAPTCHA(Completely Automated Public Turing test to tell Computers and Humans Apart) and recommend it to avoid several kind of flooding attacks, brute force attacks and sometimes even for CSRF attacks.
It's time-consuming as well as frustrating.
What is SQL Injection:
I have gone through many SQL Injection tutorials before writing this post. One thing was common at every place, the queries coming from the readers. Many people don’t know what actually SQL Injection is. They think that they can easily enter into the database and make some changes, or they can simply inject some query and will have the username and password of the administrator. Well !!! Till some extent the concept is true but it is not that much easy.