../

2024-07-22

Progression on learning plateforms

- Portswigger

Portswigger

Server-side topic

SQL njection
Authentication
Path traversal
Command injection
Business logic vulnerabilities
Information disclosure
Access control
File upload vulnerabilities
Race conditions
SSRF
XXE injection
NoSQL Injection
API testing

Client-side topics

XSS
CSRF
Cross-origin resource sharing - CORS
DOM-based vulnerabilities
WebSockets

Advanced Topics

Insecure deserialization
Web LLM attacks
GraphQL API vulnerabilities
SSTI
Web cache poisonning
HTTP Host header attacks
HTTP request smuggling
OAuth authentification
JWT attacks
Prototype pollution
Essential skills