Port Swigger

Server-Side

• SQL Injection
  • Examining the Database in SQL Attacks
  • Union-Based SQL Injection
  • Blind SQL Injection
    • Error-Based SQL Injection
    • Time-Based SQL Injection
    • Out-of-Band SQL Injection
  • SQL Injection in Different Contexts
  • Second-Order SQL Injection
• SSRF
  • Circumventing Common SSRF Defenses
  • Blind SSRF
• XXE Injection
  • Blind XXE
  • Finding Hidden Attack Surface for XXE Injection
• Path Traversal
• File Upload Vulnerabilities
  • Exploiting Unrestricted File Uploads to Deploy a Web Shell
  • Exploiting Flawed Validation of File Uploads
  • Exploiting File Upload Vulnerabilities without Remote Code Execution
• NoSQL Injection
• Authentication
• OS Command Injection
• Business Logic Vulnerabilities
• Information Disclosure
• Broken Access Control
• Race Conditions

Client-Side

• Cross-Site Scripting
  • Reflected XSS
  • Stored XSS
  • DOM XSS
  • XSS Contexts
  • Exploiting Cross-Site Scripting Vulnerabilities
  • Dangling Markup Injection
  • Bypassing CSP
  • Preventing XSS Attacks
  • XSS via Client-Side Template Injection
• Cross-Site Request Forgery
  • Bypassing CSRF Token Validation
  • Bypassing SameSite Cookie Restrictions
  • Bypassing Referer-based CSRF Defenses
• Cross-Origin Resource Sharing
  • Access-Control-Allow-Origin Response Header
  • Same-Origin Policy
  • Vulnerabilities Arising From CORS Configuration Issues
• WebSocket
  • Port Swigger - WebSocket Security Vulnerabilities
  • Port Swigger - Cross-Site WebSocket Hijacking
• DOM Clobbering

Advanced Topics

• JWT Attacks
  • JWT Header Parameter Injections
  • JWT Algorithm Confusion Attacks
• Insecure Deserialization
  • Exploiting Insecure Deserialization Vulnerabilities
  • Gadget Chains for Insecure Deserialization
  • Create Your Own Insecure Deserialization Exploit
  • PHAR Deserialization
• Prototype Pollution
  • Client-Side Prototype Pollution Vulnerabilities
  • Prototype Pollution via Browser APIs
  • Server-Side Prototype Pollution Vulnerabilities
  • Remote Code Execution via Server-side Prototype Pollution
• HTTP Request Smuggling
  • Finding HTTP Request Smuggling Vulnerabilities
  • Exploiting HTTP Request Smuggling Vulnerabilities
  • Advanced Request Smuggling
  • Browser-Powered Request Smuggling
• Server Side Template Injection
  • Exploiting Server-Side Template Injection Vulnerabilities
• Open Authentication
  • Exploiting OAuth Authentication Vulnerabilities
  • Extending OAuth with OpenID Connect
• GraphQL
  • GraphQL Vulnerabilities
• Host Header Injection