Security is an important topic that can be studied for hours and days, on the other hand, there are many ways to compromise this security, and there are people who called hackers, with great talent in the field of computers, they try to infiltrate the information of different people and use it in order to achieve their desires, hackers may use different methods to gain access to important information, in most cases, the users do not realize that their information has been stolen and the hacker will continue to abuse their information as much as possible, for example, hackers may use malicious code to hack different people, they inject it into a site, or they may add this code to the web form input box in order to change the data which has different types, such as XSS and SQL injection , which we are going to discuss in more detail below.

What is cross site scripting?

Cross site scripting , which stands for XSS, is one of the most common attacks used by hackers to steal users' information, one of the most common languages used to write such malicious code is JavaScript, eventually, when users log on to a site where such code has been injected, it will be hacked and malware may be downloaded to their system or another malicious change may occur on their system, in other words, through this method, hackers steal the information of people who visit a site, and in some cases the user does not notice the theft, and the hackers can easily get what they want.This kind of attack has different types, which we will mention briefly in the following.

Types of cross site scripting:

- Stored XSS (Persistent XSS):

This type of attack is very malicious, in which the hacker enters the malicious code in the user's input section, such as the blog comments section or they may even place that code in a post, and eventually the user's system is infected as soon as user logs in, as we have mentioned earlier, these attacks are carried out so imperceptibly that the users may not be fully aware that their information has been stolen.

- DOM-based XSS:

These types of attacks can also attack systems that have high security and have used a firewall, through this attack, the hackers can gain the information they need quickly, in fact, this is one of the most advanced XSS attacks and can do a lot of damage to system security.

- Reflected XSS (Non-persistent XSS):

This type of attack is performed when the users request and with this request, the code is activated and finally their information is going to be stolen, these types of attacks are more common on social media, and it is important to note that they are usually combined with social engineering.

What is SQL Injection?

Another method used by hackers is SQL Injection , in which a hacker inserts malicious code through a web page entry into SQL statements, ultimately, this injection allows the hacker to disrupt the user's system and generally allow the attacker to view data that they would not normally be able to retrieve, in other words, hackers can access information that is not accessible to the user, and by changing these programs, the hacker can eventually change the content of the program, hackers can do this type of hacking in a variety of ways that in all cases can be very successful in accessing user information. 

Read more on:https://www.dotnek.com/Blog/Security/what-are-the-differences-between-sql-injectio

YouTube:https://youtu.be/EvoTcCSmnFc

link:https://dotnek.mystrikingly.com/

Related link:Which country has the best hackers?