Ethical Hacking
1. Foundations of Ethical Hacking
2. Networking Fundamentals for Hackers
3. The Ethical Hacking Methodology
4. Web Application Security Testing
5. Wireless Network Security
6. Social Engineering
7. Mobile Device Security
8. Cryptography and Cryptanalysis
9. Advanced Evasion and Anti-Forensics
10. Cloud Security and IoT Hacking
Web Application Security Testing
Web Application Architecture
Client-Side Technologies
HTML and CSS
JavaScript Frameworks
Browser Security Models
Client-Side Storage
Server-Side Technologies
Web Server Platforms
Application Frameworks
Server-Side Scripting
Database Integration
Web Application Components
Load Balancers
Web Application Firewalls
Content Delivery Networks
API Gateways
OWASP Top 10 Vulnerabilities
Injection Vulnerabilities
SQL Injection
Error-Based SQL Injection
Boolean-Based Blind SQL Injection
Time-Based Blind SQL Injection
Union-Based SQL Injection
NoSQL Injection
MongoDB Injection
CouchDB Injection
Command Injection
OS Command Injection
Code Injection
LDAP Injection
XPath Injection
Broken Authentication
Session Management Flaws
Session Fixation
Session Hijacking
Insecure Session Storage
Password Security Issues
Weak Password Policies
Credential Stuffing
Password Spraying
Multi-Factor Authentication Bypass
Sensitive Data Exposure
Encryption Weaknesses
Weak Encryption Algorithms
Poor Key Management
Unencrypted Data Transmission
Data Leakage
Information Disclosure
Debug Information Exposure
Error Message Information Leakage
XML External Entities
XXE Attack Vectors
File Disclosure
Server-Side Request Forgery
Denial of Service
XXE Prevention Techniques
Broken Access Control
Insecure Direct Object References
Parameter Manipulation
Path Traversal
Missing Function Level Access Control
Privilege Escalation
Administrative Function Access
Cross-Origin Resource Sharing Issues
Security Misconfiguration
Default Configurations
Default Credentials
Unnecessary Services
Sample Applications
Information Disclosure
Directory Listings
Stack Traces
Configuration Files
HTTP Security Headers
Missing Security Headers
Misconfigured Headers
Cross-Site Scripting
Stored XSS
Persistent XSS Attacks
Database-Stored Payloads
Reflected XSS
URL-Based Attacks
Form-Based Attacks
DOM-Based XSS
Client-Side Vulnerabilities
JavaScript Manipulation
XSS Prevention Techniques
Insecure Deserialization
Object Injection Attacks
Remote Code Execution
Privilege Escalation
Data Tampering
Serialized Object Manipulation
Using Components with Known Vulnerabilities
Third-Party Library Vulnerabilities
Dependency Management
Version Control
Framework Vulnerabilities
Outdated Frameworks
Unpatched Components
Insufficient Logging and Monitoring
Log Management Issues
Missing Audit Trails
Inadequate Log Retention
Monitoring Gaps
Attack Detection Failures
Incident Response Delays
Advanced Web Application Attacks
Business Logic Flaws
Workflow Bypass
Race Conditions
Price Manipulation
Privilege Escalation
Client-Side Attacks
Clickjacking
UI Redressing
Frame Busting Bypass
Cross-Site Request Forgery
CSRF Token Bypass
Same-Site Cookie Attacks
HTML5 Security Issues
Web Storage Attacks
WebSocket Security
PostMessage Vulnerabilities
Server-Side Request Forgery
Internal Network Access
Cloud Metadata Service Attacks
Port Scanning via SSRF
File Upload Vulnerabilities
Unrestricted File Upload
File Type Bypass
Path Traversal via Upload
Remote Code Execution via Upload
Web Application Testing Methodology
Information Gathering
Application Mapping
Technology Identification
Entry Point Identification
Authentication Testing
Credential Transport Security
Session Management Testing
Password Policy Testing
Authorization Testing
Path Traversal Testing
Privilege Escalation Testing
Insecure Direct Object Reference Testing
Input Validation Testing
Injection Testing
Cross-Site Scripting Testing
HTTP Parameter Pollution
Error Handling Testing
Error Code Analysis
Stack Trace Analysis
Cryptography Testing
SSL/TLS Configuration Testing
Weak Cryptography Testing