Rushabh Papinwar

1.       Description of GPG – what does it do and how, and the components of GPG4win. GPG(GNU Privacy Guard) is PGP cryptographic software suite. Basically it is a hybrid encryption software because it uses both symmetric key encryption and asymmetric key encryption. Symmetric key encryption for the speed purpose and asymmetric key encryption is for security purpose. In Symmetric key Encryption we use only one key for encryption and decryption both. And in Asymmetric key Encryption we use two keys ,one is for encryption and other one is for decryption. GPG is used for encrypting files and mails. It is used for transporting mail securely with the help of encryption and digital signature. Encryption protects the data from the intruders and digital signatures are used to make sure that it is send from a specific sender. GPG4win supports the OpenPGP and S/MIME (X.509). Gpg4win is a free software. Gpg4win is the installer for the windows and contain several free softwares. The c

OWASP 10( Open Web Application Security Project ) SQL INJECTIONS ·         What are SQL Injections? 1.      When untrusted data is taken from user input and applied to some kind of query or interpreter in a way that assumes what the data will look like. 2.      An attacker enters data that does not fit the expected input but malforms it in some way to have unintended consequences, such as error leakage, damage to data or exposure of data. 3.      An attacker can bypass any client-side controls that might be intended to stop this. 4.      Usually related to SQL but can also apply to LDAP or operating system calls or anything that builds a query from user input. 5.      It is not the most common but it is the most serious vulnerability found    in web applications. 6.      If the site is susceptible, it is usually quite easy to take advantage of. 7.      It is usually easy to find out if a site is susceptible. 8.      Many frameworks are vulnerable by defa