itsMe Posted June 10, 2023 Share Posted June 10, 2023 This is the hidden content, please Sign In or Sign Up About Course Advanced Web AWAE (Advanced Web Attacks and Exploitation) the period of the attacks and skills required to do the testing, penetration testing, web shows. In this course, students analyze deep in the source code of the web sites do, and The vulnerability that many scanners are able to identify not find them. Web security tools and methodologies Source code analysis Persistent cross-site scripting Session hijacking .NET deserialization Remote code execution Blind SQL injections Data exfiltration Bypassing file upload restrictions and file extension filters PHP type juggling with loose comparisons PostgreSQL Extension and User Defined Functions Bypassing REGEX restrictions Magic hashes Bypassing character restrictions UDF reverse shells PostgreSQL large objects DOM-based cross site scripting (black box) Server side template injection Weak random token generation Weak random token generation XML external entity injection RCE via database functions OS command injection via WebSockets (black box) This is the hidden content, please Sign In or Sign Up This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
Recommended Posts