Table of Contents

Web Security

Server-side

• SQL injection
• Authentication
• Directory traversal
• Command injection
• Business logic vulnerabilities
• Information disclosure
• Broken access control
• File upload vulnerabilites
• Server-Side request forgery
• XXE injection

Client-side

• Cross-site scripting
• Cross-site request forgery
• Cross-origin resourse sharing
• Clickjacking (current)
• DOM-based vulnerabilities
• WebSockets

OSINT

• Google dorks
• Links

Useful

• Shells
• Links
• GitHub ssh