Security bugs are just bugs

Attack vs defense



Black box vs White box

White box

Black box

Recon, recon, recon

It is boring

But if you do it right...

Find the weakest spot

Hitting the target


Reflected XSS

Stored / Persistent XSS


Many other types of Injection

  • SQL injection
  • Bash injection
  • LDAP injection
  • XML injection

User login

Things to look at

  • Check cookies
  • Reset and remember me options
  • LDAP injection
  • Timing attacks
  • User enumeration

JWT Vulnerability

File upload

Things to look at

  • Serialisation and Deserialisation problems
  • CSV injection
  • Path traversal
  • Remote code execution (PHP, JSP, etc.)


Access Controls

Things to look at

  • Vertical privilege escalation
  • Horizontal privilege escalation
  • "Security through obscurity"

Hack the assumptions

