Slide Overview
Session 1
Intro
Burp Suite
Access Control
Unvalidated Redirects and SSRF
Session 2
Security Misconfiguration
Known Vulnerabilities
Cross-site Scripting (XSS)
XML External Entities (XXE)
Session 3
SQL Injection
Path Injection
Command Injection
Sensitive Data Exposure
Session 4
Broken Authentication
Insecure Deserialization
Cross-site Request Forgery
Insufficient Logging and Monitoring
Buffer Overflow