-
Introduction to Web Exploitation
-
Getting used to burpsuite
There are many vulnerabilities in the context of the Web. The following list contains some of the core vulnerabilities that you need to know in the context of the OSCP exam.
-
SQL Injection (SQLi)
-
Directory traversal
-
File Inclusion (Local + Remote)
-
File Upload Vulnerabilities
-
OS Command Injection
-
Cross-Site Scripting (XSS)
Enumeration is all about increasing your information. In the context of the Web, various things can be enumerated. These are listed below.
-
Enumeration of Files and Directories
-
Enumeration of Virtual Hosts
-
Enumeration of HTTP Parameters
Finally, the following are useful technique to know when dealing with web technologies.
-
Brute Force Attacks
-
DNS Zone Transfer Attacks