
GLOSSARY

Canonicalization Attack

A canonicalization attack is a cyberattack method in which the attacker substitutes various inputs for the canonical name of a path or file. Typically carried out by entering the file path in an input field, on a webpage, or as part of a URL, canonicalization attacks enable attackers to access unauthorized files and directories on a web server. In one form of canonicalization attack, the attacker encodes input before it is sent to the application for further processing, which lets the input evade the system’s input validation and output encoding controls.
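The validation gap described above, shown as an added example that is not part of the original glossary entry: a check that inspects the raw input is compared with one that reduces the input to its canonical form first. `BASE_DIR`, the function names and the sample inputs are assumptions constructed for illustration.

```python
import posixpath
from urllib.parse import unquote

BASE_DIR = "/srv/app/public"  # hypothetical document root (assumption)


def naive_is_allowed(user_path: str) -> bool:
    """Weak control: inspects the raw input before any decoding happens."""
    return ".." not in user_path


def canonicalize(user_path: str, max_rounds: int = 5) -> str:
    """Reduce the input to a single canonical path under BASE_DIR."""
    decoded = user_path
    for _ in range(max_rounds):
        step = unquote(decoded)
        if step == decoded:  # stable: no encoding layers left
            break
        decoded = step
    else:
        raise ValueError("input still changes after repeated decoding")
    if "\x00" in decoded:
        raise ValueError("NUL byte in path")
    decoded = decoded.replace("\\", "/")  # treat both separators alike
    # Join under the base directory, then collapse "." and ".." segments.
    return posixpath.normpath(posixpath.join(BASE_DIR, decoded.lstrip("/")))


def is_allowed(user_path: str) -> bool:
    """Hardened control: canonicalize first, validate the result second."""
    try:
        canonical = canonicalize(user_path)
    except ValueError:
        return False
    return canonical == BASE_DIR or canonical.startswith(BASE_DIR + "/")


# Constructed sample inputs, not taken from the page.
SAMPLES = [
    "css/site.css",
    "css/%2e%2e/index.html",
    "%2e%2e/%2e%2e/etc/passwd",
    "%252e%252e/%252e%252e/etc/passwd",
    "..%5c..%5cconfig",
]


def compare_checks():
    """Return (input, naive verdict, canonical verdict) for each sample."""
    return [(s, naive_is_allowed(s), is_allowed(s)) for s in SAMPLES]
```

The comparison works on path strings only; a deployment that serves real files would also resolve symbolic links (for example with `os.path.realpath`) before the containment check.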
