Table of Contents
- Mindset and Methodologies
- Toolset for Web Attacks and Exploitation
- Attacking the Authentication Layer – a SAML Use Case
- Attacking Internet-Facing Web Applications – SQL Injection and Cross-Site Scripting (XSS) on WordPress
- Attacking IoT Devices – Command Injection and Path Traversal
- Attacking Electron JavaScript Applications – from Cross-Site Scripting (XSS) to Remote Command Execution (RCE)
- Attacking Ethereum Smart Contracts – Reentrancy, Weak Sources of Randomness, and Business Logic
- Continuing the Journey of Vulnerability Discovery
