Secuholic's WebHacking Tutorial - part0. Introduce SWT
Introduce
Hello. Welcome To Secuholic's Webhacking Tutorial.
In the past few years, I've been Pen Testing hundreds of websites, reading numerous books and doing google searches. I could find various technical documents and techniques for beginners, but I could not find systematic documents or tutorials.
So, I decided to write a systematic web hacking tutorial that would help both beginners and professionals.
The tutorial will include:
- Basic knowledges :
HTTP Protocol, Proxy, Encoding/Decoding, WEB/WAS/DBMS, etc
- Information Gathering
GoogleDorking, Banner grabbing, PortScan, Sitemap, Spidering, etc
- Basic Web hacking
Injection, Auth and Session, XSS, CSRF, Infomation Exposure, FileUpload/Download, etc
- Advanced Webhacking
XXE, XSRF, NoSQL, ActiveX, HTML5, Templete Injection, Parser, OOB, Deserialize, etc
- Bypass Techniques
Filter Bypass, WAF Bypass, Regex Bypass, etc
- Webhacking Scenario
webshell, SQLinjeciton, XXE, etc
- BugBounty
Bugcrowd, Hackerone, etc
- CTF(capture the flag)
Writeups
Papers
My goal is to post once a week. Starting next week. :)
Congratulations @secuholic! You received a personal award!
You can view your badges on your Steem Board and compare to others on the Steem Ranking
Vote for @Steemitboard as a witness to get one more award and increased upvotes!
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit