Web Application Exploitation

The first phase of every security assessment. Find what others miss.

• Browser developer tools for security testing
• DNS reconnaissance and subdomain discovery
• Technology fingerprinting
• HTTP header analysis
• Directory and file enumeration
• Web Application Firewall detection
• Automation and scripting

The OWASP Top 10 through actual exploitation. Both offensive and defensive perspective.

• SQL injection (union, blind, error based)
• Local and Remote File Inclusion
• Server Side Template Injection
• Cross Site Scripting (reflected, stored, DOM)
• Cross Site Request Forgery
• Insecure deserialization
• Broken access control and authentication

Techniques used in real penetration testing engagements and bug bounty programs.

• Server Side Request Forgery (SSRF)
• HTTP Request Smuggling
• Race conditions and concurrency attacks
• WAF filter bypasses and evasion
• Authentication and session attacks
• Cache poisoning
• GraphQL exploitation
• XML, XXE, and XSLT attacks