Web Application Security
Learn all about Web Application Security with great learning resources from videos to articles to complete training courses.
Offensive, Defensive, and Forensic Techniques for Determining Web User Identity
This course looks at web users from a few different perspectives. First, we look at identification techniques for determining web user identities from a server perspective. Second, we look at obfuscation techniques used by a user who seeks to be anonymous. Finally, we look at forensic techniques with which, given a hard drive or similar media, we can identify users who accessed that server.
This article will look at some of the most common authentication mechanisms used by websites and discuss potential vulnerabilities in them. It highlights both inherent vulnerabilities in different authentication mechanisms, as well as some typical vulnerabilities that are introduced by their improper implementation. Finally, it provides basic guidance on how you can ensure that your own authentication mechanisms are as robust as possible.
Burp Suite Certified Practitioner
Advance your career and demonstrate your skills by becoming a Burp Suite Certified Practitioner. Prove your ability to detect and exploit common web vulnerabilities with the security testing software used by more than 50,000 security professionals worldwide. By becoming a Burp Suite Certified Practitioner, you will be able to demonstrate your web security testing knowledge and Burp Suite skills to the world.
HTTP Host header attacks
This article discusses how misconfigurations and flawed business logic can expose websites to a variety of attacks via the HTTP Host header. It outlines the high-level methodology for identifying websites that are vulnerable to HTTP Host header attacks and demonstrates how these can be exploited. It also provides some general guidance on how you can protect your own websites.
Information disclosure vulnerabilities
This article will explain the basics of information disclosure vulnerabilities and describe how you can find and exploit them. It also provides some guidance on how you can prevent information disclosure vulnerabilities in your own websites.
This article will cover what insecure deserialization is and describe how it can potentially expose websites to high-severity attacks. It will highlight typical scenarios and demonstrate some widely applicable techniques using concrete examples of PHP, Ruby, and Java deserialization. Finally, it also looks at some ways that you can avoid insecure deserialization vulnerabilities in your own websites.
OAuth 2.0 authentication vulnerabilities
While browsing the web, you've almost certainly come across sites that let you log in using your social media account. The chances are that this feature is built using the popular OAuth 2.0 framework. OAuth 2.0 is highly interesting for attackers because it is both extremely common and inherently prone to implementation mistakes. This can result in a number of vulnerabilities, allowing attackers to obtain sensitive user data and potentially bypass authentication completely.
Server-side template injection
This article will discuss what server-side template injection is and outline the basic methodology for exploiting server-side template injection vulnerabilities. It also covers ways of making sure that your own use of templates doesn't expose you to server-side template injection.
API Security 101 by Sadako
This talk covers the primary domains of API security, with notable examples of security flaws for each. The presenter also discusses some basic methodology for testing and fuzzing services, by approaching with educated guesses to how the backend actually works.
Bugcrowd University - Broken Access Control Testing
Access control, sometimes called authorization, is how a web application grants access to content and functions to some users and not others. Learn how you can test for incorrect configuration of access control which can result in web application security vulnerabilities.
Bugcrowd University - Cross Site Scripting (XSS)
Cross Site Scripting! XSS vulnerabilities are one of the most common bugs on the internet. This class of bug can be very powerful, especially when used with other vulnerabilities and techniques. Learn the history of XSS and what you can do with this vulnerability.
Bugcrowd University – Advanced Burp Suite
This video from Bugcrowd University builds on the content in their Introduction to Burpsuite module. This resource explores further configurations, functionality, and some extensions that will enable you to make better use of Burp Suite. The content is created by Bugcrowd Ambassador Jasmin Landry (jr0ch17).
Bugcrowd University – Server Side Request Forgery
Defined by OWASP: “In a Server-Side Request Forgery (SSRF) attack, the attacker can abuse functionality on the server to read or update internal resources.” This video will talk you through what SSRF is and how to use it for bug hunting.
Bugcrowd University – XML External Entity Injection
Learn about XML External Entity Injection in this YouTube video from Bugcrowd University. Defined by OWASP: “An XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts.”
Video Playlist: Offensive, Defensive, and Forensic Techniques for Determining Web User Identity
A YouTube playlist of the OpenSecurityTraining.info 'Web User Identity' course being delivered. This course looks at web users from a few different perspectives. First, we look at identification techniques for determining web user identities from a server perspective. Second, we look at obfuscation techniques used by a user who seeks to be anonymous. Finally, we look at forensic techniques with which, given a hard drive or similar media, we can identify users who accessed that server.