Authentication
SQL Injections
Understanding CSRF
Identification of CSRF
Exploitation of CSRF
Remediation of CSRF
File upload feature
File Size – big file
File canonicalization attack – ../../../
File to shell – shell.php, jsp, asp
File to malware – eicar.txt
Basics of SSRF
SSRF with XXE
SSRF in File Download
SSRF in File content fetch
SSRF in host connect (port scan)
Introduction to XML
Configuring XHttp request at client
Configuring XML parser at server
Identification of XXE
Exploitation of XXE
Remediation of XXE
Basics of Cryptography
Encoding – Crane Problem
Encryption
Ciphers
Symmetric Key Encryption
Asymmetric Key Encryption
Public Key cryptography
Hashing – MD5, SHA1, SHA2
DS
DC
SSL Tests – Nmap Enum ciphers
Certificate Problems
Protocol Support
Key Exchange
Cipher Strength