Explore the latest techniques, tools, and vulnerability data for penetration testing and security in this 46-minute conference talk from APPSEC Cali 2018. Delve into cutting-edge approaches for discovery, cross-site scripting (XSS), server-side template injection, server-side request forgery, code injection (including SQL, PHP, and more), XML external entity (XXE) attacks, exploiting misconfigured infrastructure, continuous integration (CI) systems, and code repositories. Learn from Jason Haddix, Head of Trust and Security at Bugcrowd, as he builds upon his previous Bug Hunter's Methodology 1.0 presentation, offering valuable insights for both seasoned security professionals and aspiring bug hunters.
The Bug Hunter's Methodology 2.0 - Advanced Web Application Security Testing
Overview
Syllabus
APPSEC Cali 2018 - The Bug Hunter's Methodology 2.0
Taught by
OWASP Foundation
Related Courses
-
Intro to Bug Bounty Hunting and Web Application Hacking
-
Web Application Hacking & Penetration Testing
-
Learn Bug Bounty Hunting & Web Security Testing From Scratch
-
Web Application Penetration Testing: Input Validation
-
Web Application Ethical Hacking - Penetration Testing Course for Beginners
4.1 -
Web Application Penetration Testing: Client-side Testing
