Untitled

> Basic insight of project > Self Intro > if no secure flag what attack will you perform? > if no httponly flag what attack will you perform? > xss live payload executing through shared textpad > xxe - live payload executing - get /etc/passwd > cache - private, public > symmtric , asymetric encryption > hashing and encryption - why use hash instead of encryption? >  how will A send message to B (assymetric encryption) - encrypted using public B, decrypted using private B, how B will respond to A -   - encrypted using public A, decrypted using private A? > salt, pepper - why both required  > what is more secure than salted hash db storage?  >