Introduction
- About the AWAE Course
- Our Approach
- Obtaining Support
- Offensive Security AWAE Labs
- Reporting
- Backups
- About the OSWE Exam
Tools & Methodologies
- Web Traffic Inspection
- Interacting with Web Listeners using Python
- Source Code Recovery
- Source Code Analysis Methodology
- Debugging
ATutor Authentication Bypass and RCE
- Initial Vulnerability Discovery
- A Brief Review of Blind SQL Injections
- Digging Deeper
- Data Exfiltration
- Subverting the ATutor Authentication
- Authentication Gone Bad
- Bypassing File Upload Restrictions
- Gaining Remote Code Execution
ATutor LMS Type Juggling Vulnerability
- PHP Loose and Strict Comparisons
- PHP String Conversion to Number
- Vulnerability Discovery
- Attacking the Loose Comparison
ManageEngine Applications Manager AMUserResourcesSyncServlet SQL Injection RCE
- Vulnerability Discovery
- How Houdini Escapes
- Blind Bats
- Accessing the File System
- PostgreSQL Extensions
- UDF Reverse Shell
- More Shells!!!
Bassmaster NodeJS Arbitrary JavaScript Injection Vulnerability
- The Bassmaster Plugin
- Vulnerability Discovery
- Triggering the Vulnerability
- Obtaining a Reverse Shell
DotNetNuke Cookie Deserialization RCE
- Serialization Basics
- DotNetNuke Vulnerability Analysis
- Payload Options
- Putting It All Together
ERPNext Authentication Bypass and Server Side Template Injection
- Introduction to MVC, Metadata-Driven Architecture, and HTTP Routing
- Authentication Bypass Discovery
- Authentication Bypass Exploitation
- SSTI Vulnerability Discovery
- SSTI Vulnerability Exploitation
openCRX Authentication Bypass and Remote Code Execution
- Password Reset Vulnerability Discovery
- XML External Entity Vulnerability Discovery
- Remote Code Execution
openITCOCKPIT XSS and OS Command Injection – Blackbox
- Black Box Testing in openITCOCKPIT
- Application Discovery
- Intro To DOM-based XSS
- XSS Hunting
- Advanced XSS Exploitation
- RCE Hunting
Concord Authentication Bypass to RCE
- Authentication Bypass: Round One - CSRF and CORS
- Authentication Bypass: Round Two - Insecure Defaults
Server-Side Request Forgery
- Introduction to Microservices
- API Discovery via Verb Tampering
- Introduction to Server-Side Request Forgery
- Render API Auth Bypass
- Exploiting Headless Chrome
- Remote Code Execution
Guacamole Lite Prototype Pollution
- Introduction to JavaScript Prototype
- Prototype Pollution Exploitation
- EJS Handlebars
Conclusion