Skip to content

arafr/web-attacks-detection-analysis

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
attacks
attacks
 
 
guides
guides
 
 
media
media
 
 
.gitignore
.gitignore
 
 
readme.md
readme.md
 
 

Repository files navigation

This repository documents the knowledge and experience I gained while detecting, analyzing, and investigating web attacks using logs, HTTP traffic, and SIEM alerts on the LetsDefend platform.

Web Attacks

  1. SQL Injection
  2. Cross site scripting (XSS)
  3. Command injection
  4. Insecure Direct Object Reference (IDOR)
  5. Local File Inclusion (LFI)
  6. Open Redirection
  7. Directory Traversal
  8. Brute Force
  9. XML External Entity (XEE) Injection
  10. Server side template injection (SSTI)
  11. Expression Language Injection (ELI)
  12. Server side template injection (SSTI)
  13. HTTP Header Injection
  14. Server Side Request Forgery (SSRF)
  15. NoSQL Injection
  16. Application Server Attacks
  17. Web Shells
  18. Text4Shell
  19. Log4Shell
  20. F5-Big-IP
  21. JSON Web Token (JWT) Vulnerabilities
  22. SAML Vulnerabilities
  23. Deserialization Vulnerabilities
  24. Spring4Shell
  25. Analyzing Common Attacks

Quick Guides

References

This repo is based on my learnings from the LetsDefend Web Attack Detection and Analysis Path.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors