OSWENOTESBASICBYJOAS.pdf资源-CSDN文库

渗透测试

网络

需积分: 5 90 浏览量 2023-10-06 17:22:57 上传评论收藏 9.97MB PDF 举报

资源推荐

资源详情

资源评论

OSWE NOTES BASIC BY JOAS

https://www.linkedin.com/in/joas-antonio-dos-santos

Warning 
All content was taken from the internet and has the credits of their respective researchers 
and owners, just access the links. The most I did was gather the information based on my 
studies for OSWE together with a friend to help the community. There is no owner of the 
material, mainly there was no revision or formatting of the lyrics, as it is something done in a 
hurry and taken from a notepad for a document. 
Sumário 
Warning ......................................................................................................................................... 2 
Lab Simulation .............................................................................................................................. 3 
Web Traffic Inspection – Burp Suite ............................................................................................ 6 
Web Listerning with Python ....................................................................................................... 24 
Ruby HTTP Server ....................................................................................................................... 26 
dnSpy........................................................................................................................................... 34 
ILSpy ............................................................................................................................................ 37 
Reverse Engineering by Valdemar Caroe ................................................................................... 40 
Analyze Encryption and Decryption using DNSPY ..................................................................... 58 
DotNetNuke Vulnerabilities ....................................................................................................... 63 
DotNetNuke 07.04.00 - Administration Authentication Bypass ............................................... 66 
Decompiling Java Classes ........................................................................................................... 68 
Studying Java Programming ....................................................................................................... 75 
Vulnerability Challenges ............................................................................................................. 76 
Atmail Email Server Appliance 6.4 Remote Code Execution..................................................... 76 
XXE Injection ............................................................................................................................... 86 
Manual SQL Injection ............................................................................................................... 117 
Session Riding and Hijacking .................................................................................................... 135 
JavaScript and NodeJS Studying ............................................................................................... 140 
JavaScript Prototype Pollution ................................................................................................. 140 
Cross-Origin Resource Sharing (CORS) ..................................................................................... 145 
Relaxation of the same-origin policy .......................................................................... 145 
CSRF and OAUTH ................................................................................................................... 154 
XMLHttpRequest ...................................................................................................................... 155 
PHP Programming ..................................................................................................................... 178 
PHP Type Juggling ..................................................................................................................... 178 
Cross Site Scripting ................................................................................................................... 185 
Regex ......................................................................................................................................... 189 
Server Side Template Injection ................................................................................................ 190 