Mobile Testing - Getting Started
A few weeks ago I was tasked with performing a mobile application
OWASP
OWASP Newcastle Webinar - 5th May 2020
Earlier this year I did an internal presentation to my colleagues at
Web Application Vulnerabilities 101 - Directory Traversal
Directory traversal aims to access files and directories that are stored outside
DVWA - File Inclusion
LFI & RFI are commonly found in poorly written PHP code, allows
CSRF - Cross Site Request Forgery
CSRF refers to an attack against authenticated web applications using Cookies wherein
XSS - Cross Site Scripting
XSS in an input validation weakness which allows an attacker to inject
XXE - XML External Entity
The XML External Entity (XXE) attack is a type of attack against
Unrestricted File Upload
Many web applications allow users to upload content. The content may be
SSRF - Server Side Request Forgery
Server Side Request Forgery (SSRF) is a vulnerability that describes the behaviour
SQL Injection Techniques
Basic
' or '1'='1
' OR '1&
Understanding SQL Injection
SQL injection is one of the oldest attacks that can be used