Detailed Course Outline
Day 1:
- Understanding HTTP Protocol
- Identifying the Attack Surface
- Username Enumeration
- Information Disclosure
- Issues with SSL/TLS
- Cross Site Scripting
- Cross-Site Request Forgery
Day 2:
- SQL Injection
- XXE Attacks
- OS Code Injection
- Local/Remote File Include
- Cryptographic Weakness
- Business Logic Flaws
- Insecure File Uploads