30-days-of-attack.hashnode.devDay 5: Cross-Site Scripting (XSS) — When the Browser Becomes the AttackerIntroduction Cross-Site Scripting (XSS) is a client-side attack that exploits trust between a user’s browser and a web application. Unlike SQL Injection, which targets backend databases, XSS targets users directly by injecting malicious scripts into ...Jan 6·3 min read
30-days-of-attack.hashnode.devDay 4: Session HijackingIntroduction Session hijacking is one of the most practical and misunderstood web attacks. It does not rely on breaking passwords, exploiting cryptography, or abusing server-side vulnerabilities. Instead, it targets the trust relationship established...Dec 20, 2025·4 min read
30-days-of-attack.hashnode.devDay 3: Man-in-the-Middle + Trust ExploitationAttacks don’t break encryption.They break trust. What is Actually Happening Imagine this flow: You → Router → Internet MITM turns it into: You → Attacker → Router → Internet This attack doesn’t rely on breaking systems but on exploiting blind trust i...Dec 19, 2025·4 min read
30-days-of-attack.hashnode.devDAY 2 :SQL Injection: Breaking Trust Between Applications and DatabasesIntroduction Most people imagine hacking as complex tools and mysterious commands.In reality, many powerful attacks exist because applications trust user input too much. SQL Injection is one of the oldest web attacks, yet it still appears in real sys...Dec 18, 2025·4 min read
30-days-of-attack.hashnode.devDay 1: Phishing Attacks — When Trust Becomes the VulnerabilityPhishing works not because people are careless, but because attackers understand how people think. They know when we’re tired, distracted, or trying to get things done quickly. And they design their messages to slip right into those moments. What Phi...Dec 17, 2025·3 min read
