JUDGEMENT
Loyalty. Pride. Tradition
Since 1998 A.D.
* Title..: Pluralsight Web Application Penetration Testing Insecure Error Handling
* Date...: 12-02-2020
* Type...: Bookware
* Disks..: 8x15mb
Release notes:
Insecure error handling can lead to very severe
consequences and that's the reason why this subject is
interesting for penetration testers. In this course, Web
Application Penetration Testing: Insecure Error Handling,
you will learn how to test for insecure error handling in
modern web applications. First, you will discover different
types of insecure web server errors. You will see what
dangers can happen when the web server version is disclosed
in an error message. You will also see how the attacker can
steal sensitive data as a result of a cross-site scripting
attack via an error message. Next, you will learn about
insecure error handling in the context of login
functionality, which is one of most sensitive
functionalities in web applications. You will see how to
test for user enumeration via error messages and how to
test for insecure handling of many unsuccessful login
attempts. Finally, you will explore some of the most
dangerous errors in modern web applications (unhandled
exceptions and file inclusion errors). You will see how the
attacker can learn sensitive data as a result of triggering
an unhandled exception. You will also see how the attacker
can proceed from file inclusion errors to reading the
content of sensitive files. By the end of this course, you
will know how to test for insecure error handling in modern
web applications and how to prevent these problems from
happening.
More info:
https://www.pluralsight.com
Install notes:
Unrar, Learn and Enjoy!
GREETINGS:
AOD, CLASS, CROSSFiRE, JiOO, SAC, BBL
EVILISO, 4KIDS, SHOCK, MAGE, DYNAMiCS
Big thanks to all JGT sites, and
sites accepting us!
in memory of drawn by the honored
THEPROF FX/SAC
"judgement day is near..."