Detailed Course Outline
Introduction to Web Applications
- Design Flaws
- Authentication
- Authorization
- Session Management
- Logical Flaws
- Web Server Misconfiguration
- Application Server Misconfiguration
- HTTP Methods
- SSL and MITM attacks
Cross-Site Issues
- Cross-Site Scripting
- Cross-Site Request Forgery
- Session Fixation
- Flash and Cross Domain Issues
Server-Side Issues
- SQL Injection
- LDAP Injection
- XPath Injection
- XXE Injection
- File Uploads
- Server Side Includes
- File Inclusion
- Direct Object Reference
- OS Code Execution