Menu

Close
  • Home
  • Resources
  • Linux Commands
Subscribe
Menu

web app testing

A 11-post collection

← Newer Posts Page 2 of 2

XXE - XML External Entity

The XML External Entity (XXE) attack is a type of attack against an application that parses XML input. An XXE attack typically occurs when XML input »

Chris Young Chris Young on OWASP, web app testing, XXE 13 April 2018

Unrestricted File Upload

Many web applications allow users to upload content. The content may be images, word documents, audio and video files etc. This upload facility however exposes a »

Chris Young Chris Young on OWASP, web app testing, File Upload 13 April 2018

SSRF - Server Side Request Forgery

Server Side Request Forgery (SSRF) is a vulnerability that describes the behaviour of a server making a request that is under the attackers control. When using »

Chris Young Chris Young on SSRF, OWASP, web app testing 13 April 2018

Basic CURL commands

List HTTP methods: curl -i -X OPTIONS http://10.10.10.57 -i flag to include protocol response headers in the output. Grab HTTP Server Banners: »

Chris Young Chris Young on web app testing, kali basics, curl 30 March 2018

DVWA - Command Injection

Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks »

Chris Young Chris Young on dvwa, web app testing 28 March 2018
← Newer Posts Page 2 of 2
Information Security Consultant | Pen tester © 2019
Proudly published with Ghost