Security specialty

Web Application Security

Browse every cataloged workflow for web application security, with source context, tags, and security framework mappings intact.

Complete collection

Skills in this domain

42 skills

cybersecuritySkill

Bypassing Authentication with Forced Browsing

Discovering and accessing unprotected pages, APIs, and administrative interfaces by enumerating URLs and bypassing authentication controls during authorized security assessments.

Web Application Security
authentication-bypassdirectory-enumerationffufforced-browsing+2
ATT&CK, 3 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Exploiting Broken Link Hijacking

Discover and exploit broken link hijacking vulnerabilities by identifying references to expired domains, decommissioned cloud resources, and dead external services that can be claimed by an attacker.

Web Application Security
blhbroken-link-hijackingdead-linkexpired-domain+3
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Exploiting HTTP Request Smuggling

Detecting and exploiting HTTP request smuggling vulnerabilities caused by Content-Length and Transfer-Encoding parsing discrepancies between front-end and back-end servers.

Web Application Security
burpsuitehttp-desyncowasppenetration-testing+2
ATT&CK, 4 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Exploiting IDOR Vulnerabilities

Identifying and exploiting Insecure Direct Object Reference vulnerabilities to access unauthorized resources by manipulating object identifiers in API requests and URLs.

Web Application Security
access-controlburpsuiteidorowasp+2
ATT&CK, 4 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Exploiting Insecure Deserialization

Identifying and exploiting insecure deserialization vulnerabilities in Java, PHP, Python, and .NET applications to achieve remote code execution during authorized penetration tests.

Web Application Security
deserializationowasppenetration-testingrce+2
ATT&CK, 4 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Exploiting Mass Assignment in REST APIs

Discover and exploit mass assignment vulnerabilities in REST APIs to escalate privileges, modify restricted fields, and bypass authorization controls by injecting unexpected parameters in API requests.

Web Application Security
api-securityautobindingmass-assignmentowasp-api+3
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Exploiting NoSQL Injection Vulnerabilities

Detect and exploit NoSQL injection vulnerabilities in MongoDB, CouchDB, and other NoSQL databases to demonstrate authentication bypass, data extraction, and unauthorized access risks.

Web Application Security
api-testingauthentication-bypassdatabase-securityinjection-attack+3
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Exploiting OAuth Misconfiguration

Identifying and exploiting OAuth 2.0 and OpenID Connect misconfigurations including redirect URI manipulation, token leakage, and authorization code theft during security assessments.

Web Application Security
authenticationauthorizationoauthoidc+2
ATT&CK, 4 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Exploiting Prototype Pollution in JavaScript

Detect and exploit JavaScript prototype pollution vulnerabilities on both client-side and server-side applications to achieve XSS, RCE, and authentication bypass through property injection.

Web Application Security
dom-xssjavascriptnode-jsproperty-injection+4
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Exploiting Race Condition Vulnerabilities

Detect and exploit race condition vulnerabilities in web applications using Turbo Intruder's single-packet attack technique to bypass rate limits, duplicate transactions, and exploit time-of-check-to-time-of-use flaws.

Web Application Security
burp-suiteconcurrencylimit-overrunrace-condition+3
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Exploiting Server-Side Request Forgery

Identifying and exploiting SSRF vulnerabilities to access internal services, cloud metadata, and restricted network resources during authorized penetration tests.

Web Application Security
burpsuitecloud-securityowasppenetration-testing+2
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Exploiting SQL Injection with sqlmap

Detecting and exploiting SQL injection vulnerabilities using sqlmap to extract database contents during authorized penetration tests.

Web Application Security
database-securityowasppenetration-testingsql-injection+2
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Exploiting Template Injection Vulnerabilities

Detecting and exploiting Server-Side Template Injection (SSTI) vulnerabilities across Jinja2, Twig, Freemarker, and other template engines to achieve remote code execution.

Web Application Security
owasppenetration-testingrcessti+2
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Exploiting Type Juggling Vulnerabilities

Exploit PHP type juggling vulnerabilities caused by loose comparison operators to bypass authentication, circumvent hash verification, and manipulate application logic through type coercion attacks.

Web Application Security
authentication-bypassloose-comparisonmagic-hashphp-security+3
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Exploiting WebSocket Vulnerabilities

Testing WebSocket implementations for authentication bypass, cross-site hijacking, injection attacks, and insecure message handling during authorized security assessments.

Web Application Security
burpsuiteowasppenetration-testingreal-time+2
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Implementing Web Application Logging with ModSecurity

Configure ModSecurity WAF with OWASP Core Rule Set (CRS) for web application logging, tune rules to reduce false positives, analyze audit logs for attack detection, and implement custom SecRules for application-specific threats. The analyst configures SecRuleEngine, SecAuditEngine, and CRS paranoia levels to balance security coverage with operational stability. Activates for requests involving WAF configuration, ModSecurity rule tuning, web application audit logging, or CRS deployment.

Web Application Security
audit-loggingcrsmodsecurityowasp+3
ATT&CK, 4 mappingsNIST CSF, 4 mappingsATLAS, 3 mappingsAI RMF, 3 mappings
cybersecuritySkill

Performing Blind SSRF Exploitation

Detect and exploit blind Server-Side Request Forgery vulnerabilities using out-of-band techniques, DNS interactions, and timing analysis to access internal services and cloud metadata endpoints.

Web Application Security
blind-ssrfburp-collaboratorcloud-metadatainternal-network+3
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Performing Clickjacking Attack Test

Testing web applications for clickjacking vulnerabilities by assessing frame embedding controls and crafting proof-of-concept overlay attacks during authorized security assessments.

Web Application Security
clickjackingowasppenetration-testingui-redressing+2
ATT&CK, 4 mappingsNIST CSF, 4 mappingsATLAS, 2 mappingsAI RMF, 2 mappings
cybersecuritySkill

Performing Content Security Policy Bypass

Analyze and bypass Content Security Policy implementations to achieve cross-site scripting by exploiting misconfigurations, JSONP endpoints, unsafe directives, and policy injection techniques.

Web Application Security
content-security-policycsp-bypassjsonpnonce-bypass+3
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Performing CSRF Attack Simulation

Testing web applications for Cross-Site Request Forgery vulnerabilities by crafting forged requests that exploit authenticated user sessions during authorized security assessments.

Web Application Security
burpsuitecsrfowasppenetration-testing+2
ATT&CK, 4 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Performing Directory Traversal Testing

Testing web applications for path traversal vulnerabilities that allow reading or writing arbitrary files on the server by manipulating file path parameters.

Web Application Security
directory-traversallfiowasppath-traversal+2
ATT&CK, 4 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Performing GraphQL Security Assessment

Assessing GraphQL API endpoints for introspection leaks, injection attacks, authorization flaws, and denial-of-service vulnerabilities during authorized security tests.

Web Application Security
api-securitygraphqlintrospectionowasp+2
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Performing HTTP Parameter Pollution Attack

Execute HTTP Parameter Pollution attacks to bypass input validation, WAF rules, and security controls by injecting duplicate parameters that are processed differently by front-end and back-end systems.

Web Application Security
hpphttp-parameter-pollutioninput-validationparameter-injection+3
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Performing Second-Order SQL Injection

Detect and exploit second-order SQL injection vulnerabilities where malicious input is stored in a database and later executed in an unsafe SQL query during a different application operation.

Web Application Security
blind-injectiondatabase-securitypersistent-sqlisecond-order-sqli+3
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Performing Security Headers Audit

Auditing HTTP security headers including CSP, HSTS, X-Frame-Options, and cookie attributes to identify missing or misconfigured browser-level protections.

Web Application Security
csphardeninghstsowasp+3
ATT&CK, 4 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Performing Subdomain Enumeration with Subfinder

Enumerate subdomains of target domains using ProjectDiscovery's Subfinder passive reconnaissance tool to map the attack surface during security assessments.

Web Application Security
attack-surfacebug-bountyosintpassive-recon+3
ATT&CK, 6 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Performing Web Application Firewall Bypass

Bypass Web Application Firewall protections using encoding techniques, HTTP method manipulation, parameter pollution, and payload obfuscation to deliver SQL injection, XSS, and other attack payloads past WAF detection rules.

Web Application Security
encoding-bypasspayload-obfuscationsql-injectionwaf-bypass+3
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Performing Web Cache Deception Attack

Execute web cache deception attacks by exploiting path normalization discrepancies between CDN caching layers and origin servers to cache and retrieve sensitive authenticated content.

Web Application Security
cache-keycache-poisoningcdn-attackcloudflare+3
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Performing Web Cache Poisoning Attack

Exploiting web cache mechanisms to serve malicious content to other users by poisoning cached responses through unkeyed headers and parameters during authorized security tests.

Web Application Security
burpsuitecache-poisoningcdnowasp+2
ATT&CK, 4 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Testing API Security with OWASP Top 10

Systematically assessing REST and GraphQL API endpoints against the OWASP API Security Top 10 risks using automated and manual testing techniques.

Web Application Security
api-securityburpsuitegraphqlowasp+3
ATT&CK, 4 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Testing CORS Misconfiguration

Identifying and exploiting Cross-Origin Resource Sharing misconfigurations that allow unauthorized cross-domain data access and credential theft during security assessments.

Web Application Security
burpsuitecorsowasppenetration-testing+2
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Testing for Broken Access Control

Systematically testing web applications for broken access control vulnerabilities including privilege escalation, missing function-level checks, and insecure direct object references.

Web Application Security
access-controlauthorizationowasppenetration-testing+2
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Testing for Business Logic Vulnerabilities

Identifying flaws in application business logic that allow price manipulation, workflow bypass, and privilege escalation beyond what technical vulnerability scanners can detect.

Web Application Security
burpsuitebusiness-logicmanual-testingowasp+2
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Testing for Email Header Injection

Test web application email functionality for SMTP header injection vulnerabilities that allow attackers to inject additional email headers, modify recipients, and abuse contact forms for spam relay.

Web Application Security
contact-formcrlf-injectionemail-injectionemail-security+3
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Testing for Host Header Injection

Test web applications for HTTP Host header injection vulnerabilities to identify password reset poisoning, web cache poisoning, SSRF, and virtual host routing manipulation risks.

Web Application Security
cache-poisoningheader-manipulationhost-header-injectionpassword-reset-poisoning+3
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Testing for JSON Web Token Vulnerabilities

Test JWT implementations for critical vulnerabilities including algorithm confusion, none algorithm bypass, kid parameter injection, and weak secret exploitation to achieve authentication bypass and privilege escalation.

Web Application Security
algorithm-confusionauthentication-bypassjku-attackjson-web-token+3
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Testing for Open Redirect Vulnerabilities

Identify and test open redirect vulnerabilities in web applications by analyzing URL redirection parameters, bypass techniques, and exploitation chains for phishing and token theft.

Web Application Security
open-redirectowaspphishingredirect-bypass+3
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Testing for Sensitive Data Exposure

Identifying sensitive data exposure vulnerabilities including API key leakage, PII in responses, insecure storage, and unprotected data transmission during security assessments.

Web Application Security
api-keysdata-exposureowasppenetration-testing+3
ATT&CK, 4 mappingsNIST CSF, 4 mappingsATLAS, 3 mappingsAI RMF, 3 mappings
cybersecuritySkill

Testing for XML Injection Vulnerabilities

Test web applications for XML injection vulnerabilities including XXE, XPath injection, and XML entity attacks to identify data exposure and server-side request forgery risks.

Web Application Security
dtd-attackentity-injectionweb-securityxml-injection+3
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Testing for XSS Vulnerabilities with Burp Suite

Identifying and validating cross-site scripting vulnerabilities using Burp Suite's scanner, intruder, and repeater tools during authorized security assessments.

Web Application Security
burpsuitecross-site-scriptingowasppenetration-testing+2
ATT&CK, 4 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Testing for XXE Injection Vulnerabilities

Discovering and exploiting XML External Entity injection vulnerabilities to read server files, perform SSRF, and exfiltrate data during authorized penetration tests.

Web Application Security
burpsuiteowasppenetration-testingweb-security+2
ATT&CK, 5 mappingsNIST CSF, 4 mappings
cybersecuritySkill

Testing JWT Token Security

Assessing JSON Web Token implementations for cryptographic weaknesses, algorithm confusion attacks, and authorization bypass vulnerabilities during security engagements.

Web Application Security
authenticationburpsuitejwtpenetration-testing+2
ATT&CK, 5 mappingsNIST CSF, 4 mappings