Lompat ke konten Lompat ke sidebar Lompat ke footer

Web Application Penetration Testing

Hallo, semuanya.
Buat kalian yang sedang cari daerah mencar ilmu web application penetration testing, ok kali ini gw mau sharing link banyak sekali macam tutorial disini.
Pokoknya recommended banget terutama bagi yang pemula.

Ok gausah berlama-lama kita eksklusif ke topik pembahasan ajalah hhh.

Phase 1 - History
Phase 2 - Web and Server Technology
Phase 3 - Setting up the lab with BurpSuite and bWAPP
Manish Agrawal
Ether Security Lab
Phase 4 - Mapping the application and attack surface
Phase 5 - Understanding and exploiting OWASP top 10 vulnerabilities
F5 Central
Luke Briner
Phase 6 - Bypassing client-side controls
Phase 7 - Attacking authentication/login
Phase 8 - Attacking access controls (IDOR, Priv esc, Hidden files and directories)
Completely unprotected functionalities
Insecure direct object reference
Privilege escalation
Phase 9 - Attacking data stores (Various types of injection attacks - SQL|MySQL|NoSQL|Oracel, etc.)
SQL Injection
NoSQL Injection
Xpath Injection
LDAP Injection
Phase 10 - Attacking back-end commponents (OS command injection, XMI interpreters, mail services, etc.)
OS command injection
Oke mugkin cukup segini dulu, semisal nanti ada update terbaru nanti gw update juga artikelnya.
Pokoknya pantengin aja terus blog gw.
Yaudahlah, sekian untuk artikel kali ini. Semoga bermanfaat, Thanks!!!

Sumber http://maqlo-heker.blogspot.com/