Advanced Web Hacking 5 Day Training by Sanjay Gondaliya

English | Size: 9.32 GB
Genre: eLearning

Much like our popular Advanced Infrastructure Hacking class, this class covers a wealth of hacking techniques to compromise web applications, APIs, cloud components and other associated end-points. This class focuses on specific areas of appsec and on advanced vulnerability identification and exploitation techniques (especially server-side flaws). The class allows attendees to practice some neat, new and ridiculous hacks which affected real-life products and have found a mention in real bug-bounty programs. The vulnerabilities selected for the class either typically go undetected by modern scanners or rely on exploitation techniques that are not so well known.

Note: This is a fast-paced class and attendees are expected to have a basic understanding of common web vulnerabilities and attacks. Attendees will also benefit from a state-of-the-art Hacklab, and we will be providing 30 days of free lab access after the class to allow attendees more practice time.

The following is the course outline:

Authentication Attacks
– Logical Bypass / Boundary Conditions
– Token Hijacking attacks
– Attacking SSO
– SAML / OAuth 2.0 / JWT Attacks
– SAML Authentication and Authorization Bypass

Advanced XXE Attacks
– XXE through SAML
– XXE in file parsing
– XXE Exploitation over OOB channels

Breaking Crypto
– Known Plaintext Attack (Faulty Password Reset)
– Exploiting padding oracles with fixed IVs
– Hash length extension attacks
– Auth Bypass using Pre-shared MachineKey

Complex Business Logic Flaws / Authorization flaws
– Mass Assignment bugs
– Invite/Promo Code Bypass
– Replay Attack
– HTTP Parameter Pollution (HPP)

Server-Side Request Forgery (SSRF)
– SSRF to call internal files
– SSRF to exploit templates and extensions

SQL Injection Masterclass
– 2nd Order Injection
– Out-of-Band exploitation
– SQLi through crypto
– OS code exec via PowerShell
– Advanced SQLMAP Usage with eval option
– Data Exfiltration over DNS via SQLi

Pentesting GraphQL
– Exploiting SQL
– Performing Introspection Attacks
– Understanding and leveraging mutations for exploitation

Remote Code Execution (RCE)
– Java Serialization Attack
– Binary
– SerialVersionUID Mismatch
– PHP Serialization Attack
– Server Side Template Injection
– Ruby Injection
– Analyzing CVE-2021-25770
– Exploiting code injection over OOB channel

Attacking the Cloud
– SSRF Exploitation
– Serverless exploitation
– Google Dorking in the Cloud Era
– Cognito misconfiguration to data exfiltration
– Various Case Studies

Tricky File Uploads
– Malicious File Extensions
– CTF: Circumventing File validation checks

Miscellaneous Vulnerabilities
– Second order IDOR attack
– Exploiting misconfigured code control systems

Miscellaneous Topics
– A Collection of weird and wonderful XSS and CSRF attacks
– Attack Chaining

Practice Labs with Walkthrough:
– Attacking Hardened WordPress
– Unicode Normalization Attacks
– HTTP Desync attack
– Web Caching Attacks
– Password Reset Attacks
– Cookie Swap
– Host Header Validation Bypass
– Path Traversal using Padding Oracle
– Python serialization attack
– Java Serialization Attack – JSON
– .Net Serialization Attack
