PortSwigger-Web Security Academy
Last edited by Awwwolf on Jul 3, 2023
Server-side topics
1. SQL injection <- click here
2. Authentication
3. Directory traversal
4. Command injection
5. Business logic vulnerabilities
6. Information disclosure vulnerabilities
7. Access control
8. File upload vulnerabilities
9. Server-side request forgery (SSRF)
10. XXE injection
Client-side topics
11. Cross-site scripting (XSS)
12. Cross-site request forgery (CSRF)
13. Cross-origin resource sharing (CORS)
14. Clickjacking (UI redressing)
15. DOM-based vulnerabilities
16. WebSockets
Advanced topics
17. Insecure deserialization
18. Testing GraphQL APIs
19. Server-side template injection
20. Web cache poisoning
21. HTTP Host header attacks
22. HTTP request smuggling
23. OAuth authentication
24. JWT attacks
25. Prototype pollution
26. Essential skills