WebApp Hacking

A lot of talk has come around about the importance of web app hacking and exploiting of such apps. Here’s a repo of some of the more important – or let’s say – more frequently looked up information.

SQLi

MSSQL Injection Cheat Sheet
SQL Injection Cheat Sheet
EvilSQL Cheatsheet
RSnake SQL Injection Cheatsheet
Mediaservice.net SQLi Cheatsheet
MySQL Injection Cheat Sheet
Full MSSQL Injection PWNage
MS Access SQL Injection Cheat Sheet
Access SQL Injection
Testing for MS Access – OWASP
Security Override
Obfuscated SQL Injection attacks
Exploiting hard filtered SQL Injections
SQL Injection Attack
Advanced SQL Injection – LayerOne
Joe McCray – Advanced SQL Injection
Joseph McCray SQL Injection
sla.ckers.org
sqli2.pdf
SQL Server Version – SQLTeam.com
Overlooked SQL Injection
SQLInjectionCommentary

LFI / RFI

http://pastie.org/840199
LFI..Code Exec..Remote Root!
Local File Inclusion
DigiNinja

Directory traversal

Metasploit Penetration Testing

XSS

The Anatomy of Cross Site Scripting
Whitepapers – www.technicalinfo.net
Tales from the Crypto
InterN0T – Underground Security
BlackHat-EU-2010
Filter Evasion – Houdini on the Wire
HTML5 Security Cheatsheet
sla.ckers.org :: XSS Info
XSS of the Third Kind

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s