Skip to content

Files

Latest commit

d54c707 · May 19, 2024

History

History
This branch is 3 commits behind LeonardoE95/OSCP:main.

01-web

OSCP – 01 Web

Introduction

  • Introduction to Web Exploitation

  • Getting used to burpsuite

Web Vulnerabilities

There are many vulnerabilities in the context of the Web. The following list contains some of the core vulnerabilities that you need to know in the context of the OSCP exam.

  • SQL Injection (SQLi)

  • Directory traversal

  • File Inclusion (Local + Remote)

  • File Upload Vulnerabilities

  • OS Command Injection

  • Cross-Site Scripting (XSS)

Web Enumeration

Enumeration is all about increasing your information. In the context of the Web, various things can be enumerated. These are listed below.

  • Enumeration of Files and Directories

  • Enumeration of Virtual Hosts

  • Enumeration of HTTP Parameters

Other Attacks

Finally, the following are useful technique to know when dealing with web technologies.

  • Brute Force Attacks

  • DNS Zone Transfer Attacks