|
Title: CEH v5 Module 12: Web Application Vulnerabilities Post by: don on November 15, 2006, 12:19:43 PM Web Application Setup
Web Application Hacking Anatomy of an Attack Web Application Threats Cross-Site Scripting/XSS Flaws o Countermeasures SQL Injection Command Injection Flaws o Countermeasures Cookie/Session Poisoning o Countermeasures Parameter/Form Tampering Buffer Overflow o Countermeasures Directory Traversal/Forceful Browsing o Countermeasures Cryptographic Interception Cookie Snooping Authentication Hijacking o Countermeasures Log Tampering Error Message Interception Attack Obfuscation Platform Exploits DMZ Protocol Attacks o Countermeasures Security Management Exploits Web Services Attacks Zero-Day Attacks Network Access Attacks TCP Fragmentation Hacking Tools o Instant Source o Wget o WebSleuth o BlackWidow o WindowBomb o Burp o cURL o dotDefender o Google Hacking o Acunetix Web Scanner o AppScan – Web Application Scanner o AccessDiver Source: http://www.eccouncil.org/EC-Council%20Education/ceh-course-outline.htm Don
Powered by SMF 1.1.7 |
SMF © 2006-2007, Simple Machines LLC
Joomla Bridge by JoomlaHacks.com |