Light

j-charles7 / hackademy Goto Github PK

View Code? Open in Web Editor NEW

0.0 2.0 1.0 694 KB

HackAdemy is docmentation platform dealing with Web Applications Flaws and Vulnerabilities

License: GNU General Public License v3.0

hackademy's Introduction

This project aims at setting a base of information dealing with common web appplication weaknesses and vulnerabilities.

Organization

In fact, there is a directory dedicated to each vulnerability. Within this, relevant and consistent information are fed. This information is supposed to be both theorical and technical; but mostly technical. Therefore, we are trying, as much as possible, to start from scratch for the best understanding of the readers.

Here is the general structure of each case:

Lexic
Overview
- Acronyms - Definition
- Exploitability
- Impact
- Components (server, client, etc)
- Types
How to test/check for
- Whitebox
- Graybox
- Blackbox
Vulnerability exploitation samples
Presence detection
Countermeasures guidelines
- Server side
- Client side
- Possible policy(ies)
Countermeasures implementation
Common exploitation tools

Progression

Contribution

If you want to contribute to our project, we will happily welcome you! But please, take some time to read this first.

License

This project is under GPLv3 License which terms can be found here.

hackademy's People

Contributors

Watchers

Forkers

aubinho93

hackademy's Issues

WAF/IDS/IPS

Specify guidelines
Show technical implementation with a WAF
Give example of existing WAF/IDS/IPS

How to test for (Black, White, Gray)

PHP Implementation

Countermeasures - Client side

Exploitability

Define properly an accurate way to organize the Vulns information structure.

Countermeasures - Policies

Impact

HTTP Only Implementation

Types

Countermeasures - Implementation

Python Implementation

Vulnerability Bulletin Template

Start and Complete the creation of the template

Components

Documentation of Flask escape function

Countermeasures guidelines

Impact

Examples of sanitized inputs XssCleaner

CORS avec exemple

ASP.Net Implementation

Real case for dissection selection

Vulnerability exploitation samples

Acronyms - definition

Presence detection

Common exploitation tools

Vulnerability exploitation samples

Countermeasures - Server side

Java Implementation

Components (server, client, etc)

Dissect a real case (in every possible detail) of an important known SQLi

Attack scenario

Find a way to ease navigation and readabiliaty

Presence detection

How to prevent DBs banner disclosure

Describe methods for banner grabbing denial

Come up with a plan on CSRF documentation

Exploitation and detection tools comparison

SOP Implementation

Node.JS

Single definition

HTTP Only with Python Flask

Exploitability

Types

Implémentation RUST

Add Possible Tiers between Client and Server

Beef XSS - Introduction/Basics

DB fingerprinting

Next items to explore

Think about CSRF and SQL Injection and other injections : XML, JSON, LDAP, REST, SOAP

Conf call

Report every Tuesday, Thursday and Saturday at 10 PM o'clock!

C# Implementation

Common exploitation tools

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.