learning case to prepare OSWE

Find file

Clone or download

Cannot retrieve the latest commit at this time.

Cannot retrieve the latest commit at this time.

Type	Name	Latest commit message	Commit time
	Failed to load latest commit information.
	README.md

README.md

offsec_WE

my learning case to prepare OSWE exam

work in progress...

Atmail Mail Server Appliance Case Study (CVE-2012-2593)
X-Cart Shopping Cart Case Study (CVE-2012-2570)
SolarWinds Orion Case Study - (CVE-2012-2577)
DELL SonicWall Scrutinizer Case Study - (CVE-2012-XXXX)
SolarWinds Storage Manager 5.10 - (CVE-2012-2576)
WhatsUp Gold 15.02 Case Study - (CVE-2012-2589)
Symantec Web Gateway Blind SQLi- (CVE-2012-2574)
AlienVault OSSIM - (CVE-2012-2594, CVE-2012-2599)
PHPNuke CMS Case Study - CVE - 2010-XXXXX
Symantec Web Gateway 5.0.3.18 RCE - CVE-2012-2953
FreePBX Elastix Remote Code Execution - CVE - 2012-XXXX

another resource:

https://sarthaksaini.com/2019/awae/xss-rce.html
https://securitycafe.ro/2015/01/05/understanding-php-object-injection/
https://github.com/wetw0rk/AWAE-PREP
https://github.com/timip/OSWE
https://www.youtube.com/watch?v=Xfbu-pQ1tIc&list=PLwvifWoWyqwqkmJ3ieTG6uXUSuid95L33
https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project
https://github.com/qazbnm456/awesome-web-security/blob/master/README.md#practices-application
https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Deserialization_Cheat_Sheet.md
https://www.owasp.org/index.php/Category:OWASP_Code_Review_Project
https://techblog.mediaservice.net/2017/05/reliable-discovery-and-exploitation-of-java-deserialization-vulnerabilities/
https://www.acunetix.com/blog/web-security-zone/deserialization-vulnerabilities-attacking-deserialization-in-js/
https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet

You can’t perform that action at this time.