WEB-300: Advanced Web Attacks and Exploitation (OSWE)

Advanced Web Attacks and exploitation (WEB-300) is an advanced web application security course that teaches the skills needed to conduct white box web app penetration tests. will demonstrate mastery in exploiting front-facing web apps. The OSWE is one of three certifications making up the OSCE³ certification along with the OSEP for advanced pentesting and OSED for exploit development.

WEB-300: Advanced Web Attacks and Exploitation (OSWE)
Size: 1.86 GB
Contains: 255 Files, 16 Folders

TABLE OF CONTENTS.
- Tools & Methodologies
- ATutor Authentication Bypass and RCE
- ATutor LMS Type Juggling Vulnerability
- ManageEngine Applications Manager AMUserResourcesSyncServlet SQL Injection RCE
- Bassmaster NodeJS Arbitrary JavaScript Injection Vulnerability
- DotNetNuke Cookie Deserialization RCE
- ERPNext Authentication Bypass and Server Side Template Injection
- openCRX Authentication Bypass and Remote Code Execution
- openITCOCKPIT XSS and OS Command Injection - Blackbox
- Concord Authentication Bypass to RCE
- Server-Side Request Forgery
- Guacamole Lite Prototype Pollution
- Atmail Mail Server Appliance: from XSS to RCE
- Conclusion

FOR EDUCATIONAL PURPOSES ONLY!