Web Explotation

Teoría Basica

• Web
• HTML
• CSS
• JS
• SQL
• PHP

Temas de Web explotation

• ¿Qué es web explotation?
• Web for Pentester
  • SQL Injection
  • Directory transversal
  • File include
  • XSS
  • Code injection
  • Upload
  • LDAP atttacks
  • XML realted attacks
• NATAS
• PICO CTF 2019
• DVWA

Recursos

Seguridad en general

• https://trailofbits.github.io/ctf/intro/find.html

Teoria Basica

Comenzar en web

• https://developer.mozilla.org/en-US/docs/Learn
• https://developer.mozilla.org/en-US/docs/Learn/Getting_started_with_the_web

HTML

• https://developer.mozilla.org/en-US/docs/Learn/Getting_started_with_the_web/HTML_basics

CSS

• https://developer.mozilla.org/en-US/docs/Learn/Getting_started_with_the_web/CSS_basics

JS

• https://developer.mozilla.org/en-US/docs/Learn/Getting_started_with_the_web/JavaScript_basics

COMO TRABAJA INTERNET

• https://developer.mozilla.org/en-US/docs/Learn/Getting_started_with_the_web/How_the_Web_works

DATABASE

• https://developer.mozilla.org/en-US/docs/Glossary/Database
• https://www.oracle.com/database/what-is-database/
• https://www.youtube.com/watch?v=yoeV4Ex8C8U&ab_channel=CodigoCompilado: Bases de datos
• https://sqlzoo.net/wiki/SQL_Tutorial: plataforma para practicar base de datos

PHP

• https://www.w3schools.com/php/default.asp
• https://www.php.net/

Web explotation

• https://devopedia.org/web-exploitation : Que es web explotation
• https://primer.picoctf.com/#_web_exploits : teoria básica html, js, php y web explotation
• https://picoctf.org/learning_guides/Book-3-Web-Exploitation.pdf : teoria con enlaces
• https://ctf101.org/web-exploitation/overview/ : temas sobre web explotation

Laboratorios

Basico

• Web for Pentester: https://pentesterlab.com/exercises/web_for_pentester/course -> GUÍA
• Natas: https://overthewire.org/wargames/natas/
• PicoCTF 2019: https://2019game.picoctf.com/problems
• DVWA: https://dvwa.co.uk/ -> GUÍA

Intermedio

• https://portswigger.net/users/youraccount