x/handbook
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
handbook/tools/3.Web-Hacking/4.Injection/OS-Commands/Notes/4.Prevent-OS-Command-Injection-Attacks.md
Anton Nesterov af9011411c
vault backup: 2024-08-31 01:07:21
2024-08-31 01:07:22 +02:00

8 lines
253 B
Markdown
Raw Blame History

## Prevent OS Command Injection Attacks
- Never call out OS commands from application-layer code
- If unavoidable, do the following:
- Validate against a whitelist of permitted values
- Validate that the input is a number
- Validate that th`
Reference in a new issue View git blame Copy permalink