Full-Stack Attacks on Modern Web Applications

Full-Stack Attacks on Modern Web Applications free download

Learn About HTTP Parameter Pollution, Subdomain Takeover, and Advanced Clickjacking

Web application security is not only about XSS and SQL injection. Professional penetration testers and red team members must learn about full-stack attacks on modern web applications and I created this course to help you on this journey.

In this course, you will learn about 3 powerful attacks. First, I'll show you how an attacker can bypass authorization via HTTP parameter pollution. Next, I'll present how the attacker can launch a subdomain takeover attack. Finally, I'll demonstrate how the attacker can take over a user’s account via clickjacking.

** For every single attack presented in this course there is a demo ** so that you can learn step by step how these attacks work in practice. You'll also learn how to check if your web applications are vulnerable to these attacks. I hope this sounds good to you and I can’t wait to see you in the class.

• Case #1:  HTTP Parameter Pollution – Part 1

• Case #1:  HTTP Parameter Pollution – Part 2

• Case #2: Subdomain Takeover – Part 1

• Case #2: Subdomain Takeover – Part 2

• Case #3: Account Takeover via Clickjacking – Part 1

• Case #3: Account Takeover via Clickjacking – Part 2
  

Note: you can get paid for these bugs in bug bounty programs.