Google is kind enough to offer, for free (in typical Google fashion), a series of tutorials to teach users common web vulnerabilities. The only prerequisite is that you have some basic knowledge of web development.
There are two basic forms of hacking: black box and white box. Black box hacking is the attempt to find vulnerabilities in a website by manipulating data fields, URL parameters, and intercepting HTML request and response actions. White box is studying the source code of a web application to find vulnerabilities in that fashion.
Diving more in depth, these are the tutorials Gruyere offers:
- Cross-Site Scripting (XSS)
- Client State Manipulation
- Cross-Site Request Forgery (XSRF)
- Cross-Site Script Inclusion
- Path Traversal
- Denial of Service (DoS)
I plan to complete all of these tutorials to broaden my knowledge of web security.
No comments:
Post a Comment