013 🌐 Web Application Security MOC
- OWASP Framework: OWASP, Insecure Design
- Injection Attacks: Injection, SQL Injection, Command Injection, Server Side Template Injection (SSTI), Parameterized Queries
- Access Control Failures: Broken Access Control, Insecure Direct Object Reference (IDOR), Privilege Escalation, Authorization Bypass
- Client-Side Attacks: Cross-Site Scripting (XSS), Cross-site request forgery (CSRF)
- Server-Side Flaws: Server-Side Request Forgery (SSRF), Security Misconfigurations
- Web Fundamentals: HTTP Request, Cookie, Web Session, User-Agent Spoofing, View Page Source, Web Crawler, robots.txt, Sitemap, Search Engine Optimization (SEO)
- Platforms: WordPress
- Tools: cURL, Burp Suite