Web Hacking with Santeri
Santeri shared his approach to web penetration testing. He visited my ethical hacking course.
Santeri's top 3 favourite vulnerabilities are:
- IDOR (?id=123 => ?id=124, also OWASP Top 10 number 1)
- Path traversal (../../../etc/passwd)
- Server-Side Template Injection - My name is {{6*7}}
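
The server-side checks that make the first two probes in the list fail, as an added example (not code from Santeri's talk or from this page). The `INVOICES` data, the user names and the function names are constructed for illustration.

```python
from pathlib import Path

# Constructed sample data: invoice id -> owner and stored file name.
INVOICES = {
    123: {"owner": "alice", "file": "alice.txt"},
    124: {"owner": "bob", "file": "bob.txt"},
}


class Forbidden(Exception):
    """Raised when the caller may not access the requested object."""


def get_invoice(user: str, invoice_id: int) -> dict:
    """IDOR defence: check ownership on every lookup, not just the id."""
    invoice = INVOICES.get(invoice_id)
    # Same error for "missing" and "not yours", so the response does not
    # reveal which ids exist.
    if invoice is None or invoice["owner"] != user:
        raise Forbidden(f"invoice {invoice_id}")
    return invoice


def safe_path(base: Path, user_supplied: str) -> Path:
    """Path traversal defence: resolve first, then require containment."""
    base = base.resolve()
    # resolve() collapses ".." and follows symlinks before the comparison.
    # An absolute user_supplied value replaces base entirely and is then
    # rejected by the containment check below.
    candidate = (base / user_supplied).resolve()
    # Compare path components, not string prefixes: "/srv/files-old" must
    # not pass a check for "/srv/files".
    if base not in candidate.parents:
        raise Forbidden(user_supplied)
    return candidate
```

With these checks, `?id=124` requested by the owner of invoice 123 and `../../../etc/passwd` both end in `Forbidden` instead of returning data.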