Web Application Attacks

13.1 - Essential Iceweasel Add-ons 13.2 - Cross Site Scripting (XSS) 13.2.1 - Browser Redirection and IFRAME Injection 13.2.2 - Stealing Cookies and Session Information 13.2.3 - Exercises 13.3 - File Inclusion Vulnerabilities 13.3.1 - Local File Inclusion 13.3.2 - Remote File Inclusion 13.4 - MySQL SQL Injection 13.4.1 - Authentication Bypass 13.4.2 - Enumerating the Database 13.4.3 - Column Number Enumeration 13.4.4 - Understanding the Layout of the Output 13.4.5 - Extracting Data from the Database 13.4.6 - Leveraging SQL Injection for Code Execution 13.5 - Web Application Proxies13.5.1 - Exercises13.6 - Automated SQL Injection Tools 13.6.1 - Exercises