Introduction

With every attack try to get these following information from it:

• What is the attack.
• What is the impact of the attack.
• How can you find the attack so that you can make sure it you can actually attempt that attack or not.
• How can you exploit the attack which is helpful if you found the attack doable.
• How can you prevent the attack.

Web Application Vulnerability Scanners are automated exploitation tools that help us find the vulnerability in a given site.

• Examples are BurpSuite.

Server Side Vulnerabilities:

• SQLi
• Authentication
• Directory Traversal
• Command Injection
• Business logic Vulnerabilities
• Information Disclosure
• Access control
• File upload vulnerabilities
• SSRF