Description
Size: 5.46 GB
You Will Learn
- How to discover and exploit vulnerabilities in modern web frameworks, technologies, and backends
- Skills to test and exploit specific technologies such as HTTP/2, Web Sockets, and Node.js
- How to evaluate and find vulnerabilities in the many uses of encryption within modern web applications
- Skills to test and evaluate mobile backends and web services used in an enterprise
- Methods to recognize and bypass custom developer, web framework, and Web Application Firewall defenses
You Will Be Able To
- Perform advanced Local File Include (LFI)/Remote File Include (RFI), Blind SQL injection (SQLi), and Cross-Site Scripting (XSS) combined with Cross-Site Request Forger (XSRF) discovery and exploitation
- Exploit advanced vulnerabilities common to most backend language like Mass Assignments, Type Juggling, and Object Serialization
- Perform JavaScript-based injection against ExpressJS, Node.js, and NoSQL
- Understand the special testing methods for content management systems such as SharePoint and WordPress
- Identify and exploit encryption implementations within web applications and frameworks
- Discover XML Entity and XPath vulnerabilities in SOAP or REST web services and other datastores
- Use tools and techniques to work with and exploit HTTP/2 and Web Sockets
- Identify and bypass Web Application Firewalls and application filtering techniques to exploit the system