Web application vulnerabilities are ways for hackers to gain or alter server-sided data without fully gaining access to the server itself by exploiting some of its existing functions. One of the most common types of web application vulnerabilities is an SQL injection. In this case, an injection happens when a hacker tries to alter data by inserting a command in an already existing data field in a web application interface. A good example of this is by inputting some sort of SQL command in a login password field textbox. A vulnerable web application will often respond to this request back to the hacker with a syntactical SQL error, which indicates that it may be exploitable. The hacker would then often tries to insert a comment command to circumvent and ignore some of the safeguard mechanisms on the server side that happen after the initial password user input. With that, they might be able to access a victim’s account without being fully authenticated, provided that they know the victim user’s username. Slowloris and XOIC are some of the most commonly used tools to initiate a web server attack. Some of those attacks include assembling a botnet to initiate DDOS attacks and DNS hijacking or amplification to disguise a malicious web server as a legitimate DNS service to redirect other web clients from visiting a malicious server instead of the legitimate server.