Category Archives: Uncategorized
Hacme Books Week 1
This is the first in a series of three posts for the vulnerable web application Hacme Books. New posts for Hacme Books will occur every Monday. Hacme Books: The security of web applications is a big concern in today's rapidly …
WebMaven Week 1
This is the first in a series of three posts for the vulnerable web application WebMaven. New posts for WebMaven will occur every Monday. WebMaven: WebMaven v.1.01 is an interactive web application that simulates several vulnerabilities at the application level. WebMaven …
Welcome to Web App Pentest
I really hope that people will enjoy and learn from this website. For me, as a Network Penetration Tester for several years, it was REALLY hard to transition to doing web application penetration tests. I really didn’t have a strong …