Web Application Security on Fire
In this talk we will learn how to use web application vulnerabilities in real attack scenarios, and then how to prevent them.
- 1. Injections (SQL Injection, OS Command Injection, etc…)
- 2. Broken Authentication and Session Management
- 3. File Path Traversal - Remote / Local File Inclusion AKA Directory Traversal RFI / LFI
- 4. Cross Site Scripting AKA XSS (Reflected, Stored, DOM Based and Self)
- 5. Cross Site Request Forgery AKA CSRF
- 6. Brute Force Attacks AKA Dictionary Attack
- 7. Sensitive Data Exposure AKA Information Disclosure
- 8. Unvalidated Redirects and Forwards AKA Open Redirections
- 9. Clickjacking AKA UI Redressing
- 10. Using Components with Known Vulnerabilities (e.g. Libraries, Plugins and Themes) Shit in the mix.