Web Exploitation

Websites around the world are created with various programming languages. There are vulnerabilities in each programming language that developers should be aware of to minimise the likelihood of an exploit.

No programming language is secure, it is as secure as the person and the given time it was implemented.

It is very common to show these types of vulnerabilities within CTF's for awareness.

Some examples include:

• Server Side Request Forgery

• Cross Site Scripting (XSS)

• Cross Site Request Forgery

• Directory/Path Traversal

• Command Injection

• SQL injection

• Brute Force Attacks

• Fuzzing Testing (Fuzzing)

• DDoS (Distributed Denial of Service)

• XML External Entity (XXE)