Dive into a comprehensive 54-minute crash course on web application bug hunting, covering essential terminology, attack vectors, and foundational knowledge for aspiring application security professionals. Explore the ubiquity of applications, attack surfaces, and assessment tools while gaining hands-on experience with HTTP requests, BurpSuite, and various injection techniques. Discover how to identify and exploit vulnerabilities such as Reflected XSS and SQL Injection, and understand their potential impact on web applications. By the end of this informative session, acquire the fundamental skills needed to kickstart a career in application security and bug hunting.
Overview
Syllabus
Intro
About Denis
Why application security
Application is everywhere
Attack surface
Assessment
Tools
Understanding requests
HTTP is stateless
BurpSuit
Injection
What could happen
Example
Fundamentals
Reflected XSS
Where to find it
Dashboard
Why
SQL Injection
How to find vulnerabilities
Conclusion
Taught by
Kaspersky
