Web Application Attack Paths on Tryhackme
3Tryhackme: Web Application Attack Paths
Web Application Attack Paths onTryhackme
I'm going through some web application training on THM as supplementary training for TCM Practical Junior Web Tester (PJWT) exam. I've gone through the course work and labs, along with some labs on Portswigger Academy. Completed content over indirect object references (idor), cross-site scripting (xss), local file inclusion (LFI), remote file inclusion (RFI), SQL injection (SQLi), Server-Side template injection (SSTI), XML External Entity Injection (XXE), Insecure File Upload, Server-Side request forgery (SSRF), Client-Side request forgery (CSRF), vulnerability report writing and disclosure, common vulnerability scoring system (CVSS), and etc.
As of now there's only one course for the PJWT which is the Practical Bug Bounty course. Although previous experience with TCM has shown me the course work is enough to pass the exam, I want to push beyond the course material, injesting it in many forms and from many types of media.
The Tryhackme Path "Web Fundamentals" reads "The aim of this path is to teach you how to attack web applications. To successfully attack and exploit web applications, you need to understand how they work. The first section (Web Fundamentals) will give you all the pre-requisite knowledge on this. "
My Certifications:
Practical Network Penetration Tester (PNPT) : TCM Security - https://certifications.tcm-sec.com/pnpt/
Practical Junior Penetration Tester (PJPT): TCM Security - https://certifications.tcm-sec.com/pjpt/
Certified Ethical Hacker (CEH): EC-Council
--------------------
Socials:
Tryhackme: https://tryhackme.com/p/NoxLumens
Hackthebox: https://app.hackthebox.com/profile/179139
#tryhackme #webapplicationsecurity #PracticalJuniorWebTester