Skip to content
/ The-Art-of-Discovering-Web-Application-Vulnerabilities-from-Beginning-to-Professionalism-Book.AR-ver Public

The Art of Discovering Web Application Vulnerabilities from Beginning to Professionalism Book. Arabic Version (Dr. Eng. Ahmed Hashem El Fiky)

www.researchgate.net/profile/ahmed-el-fiky
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

AhmedHashemElFiky/The-Art-of-Discovering-Web-Application-Vulnerabilities-from-Beginning-to-Professionalism-Book.AR-ver

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
BookCover.pdf
BookCover.pdf
 
 
Ch Instructor Info Arabic.pdf
Ch Instructor Info Arabic.pdf
 
 
Ch0 Introduction Arabic.pdf
Ch0 Introduction Arabic.pdf
 
 
Ch1 Information Gathering Arabic.pdf
Ch1 Information Gathering Arabic.pdf
 
 
Ch10 Redirection Vulnerabilities Arabic.pdf
Ch10 Redirection Vulnerabilities Arabic.pdf
 
 
Ch11 ClickJacking Vulnerability Arabic.pdf
Ch11 ClickJacking Vulnerability Arabic.pdf
 
 
Ch12 SSRF Vulnerability Arabic.pdf
Ch12 SSRF Vulnerability Arabic.pdf
 
 
Ch13 Rate-Limit Vulnerability Arabic.pdf
Ch13 Rate-Limit Vulnerability Arabic.pdf
 
 
Ch14 Web Pentesting Tips Arabic.pdf
Ch14 Web Pentesting Tips Arabic.pdf
 
 
Ch15 File Inclusion Vulnerabilities Arabic.pdf
Ch15 File Inclusion Vulnerabilities Arabic.pdf
 
 
Ch16 Path Traversal Vulnerability Arabic.pdf
Ch16 Path Traversal Vulnerability Arabic.pdf
 
 
Ch17 RCE Vulnerability Arabic.pdf
Ch17 RCE Vulnerability Arabic.pdf
 
 
Ch18 Session Hijacking Vulnerability Arabic.pdf
Ch18 Session Hijacking Vulnerability Arabic.pdf
 
 
Ch19 HTTP Header Vulnerabilities Arabic.pdf
Ch19 HTTP Header Vulnerabilities Arabic.pdf
 
 
Ch2 XSS Vulnerability Arabic.pdf
Ch2 XSS Vulnerability Arabic.pdf
 
 
Ch20 Sub-Domain TakeOver Vulnerability Arabic.pdf
Ch20 Sub-Domain TakeOver Vulnerability Arabic.pdf
 
 
Ch21 Authentication Vulnerability Arabic.pdf
Ch21 Authentication Vulnerability Arabic.pdf
 
 
Ch22 JWT Vulnerability Arabic.pdf
Ch22 JWT Vulnerability Arabic.pdf
 
 
Ch23 HTTP Splitting Vulnerability Arabic.pdf
Ch23 HTTP Splitting Vulnerability Arabic.pdf
 
 
Ch24 Web Vulnerabilities Summary Arabic.pdf
Ch24 Web Vulnerabilities Summary Arabic.pdf
 
 
Ch3 SQLI Vulnerability Arabic.pdf
Ch3 SQLI Vulnerability Arabic.pdf
 
 
Ch4 CSRF Vulnerability Arabic.pdf
Ch4 CSRF Vulnerability Arabic.pdf
 
 
Ch5 Insecure Deserialization Vulnerability Arabic.pdf
Ch5 Insecure Deserialization Vulnerability Arabic.pdf
 
 
Ch6 XPath Vulnerability Arabic.pdf
Ch6 XPath Vulnerability Arabic.pdf
 
 
Ch7 XXE Vulnerability Arabic.pdf
Ch7 XXE Vulnerability Arabic.pdf
 
 
Ch8 Input Handling Approaches Arabic.pdf
Ch8 Input Handling Approaches Arabic.pdf
 
 
Ch9 IDOR Vulnerability Arabic.pdf
Ch9 IDOR Vulnerability Arabic.pdf
 
 
README.md
README.md
 
 

Repository files navigation

The Art of Discovering Web Application Vulnerabilities from Beginning to Professionalism

To the brave people of Palestine 🇵🇸, the author (Dr. Eng. Ahmed Hashem El Fiky) presents to you this book as a token of solidarity with you in your struggle against the Israeli aggressor. We hope that science and knowledge will be our weapon in building a free and independent Arab homeland.

"The Art of Detecting Web Application Vulnerabilities from Beginning to Professionalism" is a comprehensive and integrated guide that aims to teach the reader how to discover and exploit web application vulnerabilities in a systematic and practical manner. The book covers application security fundamentals and advanced details, with real-world examples and practical applications, making it an important reference for beginners and professionals in the field of information security.

The book is an ongoing charity from the author (Dr. Eng. Ahmed Hashem El Fiky), aiming to spread knowledge and contribute to improving the security of web applications. We hope to spread it widely so that everyone can benefit from it.

Table of Contents

  1. Introduction
  2. Information Gathering
  3. XSS Vulnerability
  4. SQLI Vulnerability
  5. CSRF Vulnerability
  6. Insecure Deserialization Vulnerability
  7. XPath Vulnerability
  8. XXE Vulnerability
  9. Input Handling Methods
  10. IDOR Vulnerability
  11. Redirection Vulnerability
  12. ClickJacking Vulnerability
  13. SSRF Vulnerability
  14. Rate-Limit Vulnerability
  15. Web Penetration Testing Tips
  16. File Include Vulnerability
  17. Path Traversal Vulnerability
  18. RCE Vulnerability
  19. Session Hijacking Vulnerability
  20. HTTP Headers Vulnerability
  21. SubDomain TakeOver Vulnerability
  22. Authentication Vulnerability
  23. JWT Vulnerability
  24. HTTP Splitting Vulnerability
  25. Web Vulnerabilities Summary

Overview of Chapters

0. Introduction

An overview of the importance of web application security and the goals of this book.

1. Information Gathering

Techniques and tools for collecting information about web applications before testing.

2. XSS Vulnerability

Understanding Cross-Site Scripting (XSS), its types, and how to detect and exploit it.

3. SQLI Vulnerability

An in-depth look at SQL Injection vulnerabilities, methods of detection, and exploitation techniques.

4. CSRF Vulnerability

Exploring Cross-Site Request Forgery (CSRF), its impact, and prevention strategies.

5. Insecure Deserialization Vulnerability

Understanding deserialization issues and their exploitation in web applications.

6. XPath Vulnerability

Examining XPath Injection attacks and methods to identify and exploit them.

7. XXE Vulnerability

Learning about XML External Entity (XXE) attacks and how to prevent them.

8. Input Handling Methods

Best practices for handling user input to prevent common vulnerabilities.

9. IDOR Vulnerability

Understanding Insecure Direct Object References (IDOR) and how to detect and exploit them.

10. Redirection Vulnerability

Exploring open redirection vulnerabilities and their potential impact.

11. ClickJacking Vulnerability

Techniques to detect and mitigate ClickJacking attacks.

12. SSRF Vulnerability

Server-Side Request Forgery (SSRF) vulnerabilities and how to identify and exploit them.

13. Rate-Limit Vulnerability

Examining the importance of rate limiting and how to test for rate-limit vulnerabilities.

14. Web Penetration Testing Tips

General tips and best practices for conducting effective web penetration tests.

15. File Include Vulnerability

Understanding File Inclusion vulnerabilities and their exploitation.

16. Path Traversal Vulnerability

Detecting and exploiting Path Traversal vulnerabilities.

17. RCE Vulnerability

Remote Code Execution (RCE) vulnerabilities and methods to identify and exploit them.

18. Session Hijacking Vulnerability

Techniques to hijack web sessions and how to protect against such attacks.

19. HTTP Headers Vulnerability

The importance of secure HTTP headers and how to test for vulnerabilities in them.

20. SubDomain TakeOver Vulnerability

Identifying and exploiting SubDomain TakeOver vulnerabilities.

21. Authentication Vulnerability

Common authentication issues and how to test for authentication vulnerabilities.

22. JWT Vulnerability

Understanding JSON Web Token (JWT) vulnerabilities and methods to exploit them.

23. HTTP Splitting Vulnerability

Learning about HTTP Response Splitting attacks and prevention strategies.

24. Web Vulnerabilities Summary

A summary of the key points and techniques covered in the book.

We hope this book serves as a valuable resource for anyone looking to enhance their knowledge and skills in web application security.

About

The Art of Discovering Web Application Vulnerabilities from Beginning to Professionalism Book. Arabic Version (Dr. Eng. Ahmed Hashem El Fiky)

www.researchgate.net/profile/Ahmed-El-Fiky

Topics

webpentesting

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published