**The PAD for improving this page:** https://pad.zenk-security.com/p/merci

- OSWE Certification Exam Guide: https://support.offensive-security.com/oswe-exam-guide/
- Tips from OffSec about OSWE: https://twitter.com/offsectraining/status/1177221658622464000?s=19

**Reviews**

- Review: http://essentialexploit.com/AWAE.html
- Review: https://theevilbit.blogspot.com/2016/09/offensive-security-advanced-web-attacks.html
- Video review: https://m.youtube.com/watch?v=AqNBtINEChw
- Review and tips: https://www.vesiluoma.com/offensive-security-web-expert-oswe-advanced-web-attacks-and-exploitation/

**OSWE Preparation**

- AWAE-Preparation - This post contains all trainings and tutorials that could be useful for Offensive Security's OSWE certification. I will be updating the post during my lab and preparation for the exam. https://z-r0crypt.github.io/blog/2020/01/22/oswe/awae-preparation/
- This repository will serve as the "master" repo containing all trainings and tutorials done in preparation for OSWE. https://github.com/ramihub/AWAE-PREP
- My learning case to prepare for the OSWE exam. https://github.com/sailay1996/offsec_WE
- Preparation for coming AWAE Training. https://github.com/w4fz5uck5/OSWE
- This repository will contain all trainings and tutorials I have done/read to prepare for OSWE / AWAE. https://github.com/M507/AWAE-Preparation
- Video: OSWE Preparation https://www.youtube.com/playlist?list=PLwvifWoWyqwqkmJ3ieTG6uXUSuid95L33
- Video: DAY[0] Episode #11 - Offsec's OSWE/AWAE, Massive Security failures, and a handful of cool attacks https://www.youtube.com/watch?v=2-kJ7Kh_5C4
- Video: OSWE Preparation https://www.youtube.com/watch?v=Xfbu-pQ1tIc&list=PLwvifWoWyqwqkmJ3ieTG6uXUSuid95L33
- Video: Web Hacking MasterClass™ - Pre OSWE Course | Sagar Bansal https://www.youtube.com/watch?v=bo3bisXP2iM
- Video: OSWE prep https://www.youtube.com/watch?v=t-zVC-CxYjw&list=PLL5n_4gj5JCw1aRrlVbdMCAugNz-ia3Wh
- OSWE PREP https://github.com/rinku191/OSWE-prepration/wiki/PHP-Dangerous-function
- Preparation for coming AWAE Training. Work in progress... https://github.com/timip/OSWE
- Preparation for coming AWAE Training. Work in progress... https://github.com/ManhNho/AWAE-OSWE
- This repository will serve as the "master" repo containing all trainings and tutorials done in preparation for OSWE in conjunction with the AWAE course. This repo will likely contain custom code by me and various courses. https://github.com/wetw0rk/AWAE-PREP
- AWAE/OSWE PREP https://medium.com/@mucomplex/oswe-awae-exam-experience-and-tips-fbd55bbdffb8
- AWAE/OSWE PREP (Code analysis to gaining RCE and automating everything with Python) https://sarthaksaini.com/2019/awae/xss-rce.html
- From AWAE to OSWE: The Preperation Guide https://hansesecure.de/2019/08/from-awae-to-oswe-the-preperation-guide/?lang=en
- Deep Dive into .NET ViewState deserialization and its exploitation https://medium.com/@swapneildash/deep-dive-into-net-viewstate-deserialization-and-its-exploitation-54bf5b788817

**Atmail Mail Server Appliance: from XSS to RCE (6.4) CVE-2012-2593**

- https://www.exploit-db.com/exploits/20009
- https://github.com/sourceincite/poc/blob/master/SRC-2016-0012.py
- Atmail Webmail => 7.5 - Multiple Vulnerabilities https://cxsecurity.com/issue/WLB-2015020027
- http://progdave.wikidot.com/basic-xss-attack
- http://progdave.wikidot.com/basic-csrf-attack

**ATutor Authentication Bypass and RCE (2.2.1) CVE-2016-2555**

**Install:** https://sourceforge.net/projects/atutor/files/atutor_2_2_1/

- https://www.exploit-db.com/exploits/39514
- https://srcincite.io/advisories/src-2016-0009/
- https://www.exploit-db.com/exploits/39639
- https://github.com/atutor/ATutor/commit/d74f1177cfa92ed8e49aa65f724f308b4a3ac5b9

**ATutor LMS Type Juggling Vulnerability (<=2.2.1) CVE-?**

**Install:** https://sourceforge.net/projects/atutor/files/atutor_2_2_1/

- https://srcincite.io/advisories/src-2016-0012/
- https://github.com/sourceincite/poc/blob/master/SRC-2016-0012.py
- https://github.com/atutor/ATutor/commit/2eed42a74454355eddc7fc119e67af40dba1a94c

**Reference: PHP Type Juggling**

- https://www.youtube.com/watch?v=ASYuK01H3Po
- https://www.netsparker.com/blog/web-security/type-juggling-authentication-bypass-cms-made-simple/

**ManageEngine Applications Manager AMUserResourcesSyncServlet SQL Injection RCE CVE-?**

**Install:** http://archives.manageengine.com/applications_manager/12900

- https://manageenginesales.co.uk/2018/05/manageengine-applications-manager-build-13730-released/
- https://www.postgresql.org/docs/9.4/functions-binarystring.html
- https://www.mulesoft.com/tcat/tomcat-jsp

**Extra: Deserialization Vulnerability**

- https://www.geeksforgeeks.org/serialization-in-java/
- https://github.com/frohoff/ysoserial
- https://blog.jamesotten.com/post/applications-manager-rce/
- https://www.youtube.com/watch?v=HaW15aMzBUM
- https://www.youtube.com/watch?v=fHZKSCMWqF4

**Bassmaster NodeJS Arbitrary JavaScript Injection Vulnerability (1.5.1) CVE-2014-7205**

**Install:** npm install bassmaster@1.5.1

- https://www.npmjs.com/package/bassmaster
- https://www.rapid7.com/db/modules/exploit/multi/http/bassmaster_js_injection
- https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/bassmaster_js_injection.rb
- https://www.exploit-db.com/exploits/40689
- https://vulners.com/nodejs/NODEJS:337

**DotNetNuke Cookie Deserialization RCE (<9.1.1) CVE-2017-9822**

**Install:** https://github.com/dnnsoftware/Dnn.Platform/releases/tag/v9.1.0

- https://www.blackhat.com/docs/us-17/thursday/us-17-Munoz-Friday-The-13th-Json-Attacks.pdf
- https://media.blackhat.com/bh-us-12/Briefings/Forshaw/BH_US_12_Forshaw_Are_You_My_Type_WP.pdf
- https://gist.github.com/pwntester/72f76441901c91b25ee7922df5a8a9e4
- https://paper.seebug.org/365/
- https://www.youtube.com/watch?v=oUAeWhW5b8c
- https://vulners.com/seebug/SSV:96326
- https://www.slideshare.net/MSbluehat/dangerous-contents-securing-net-deserialization
- https://www.exploit-db.com/docs/english/44756-deserialization-vulnerability.pdf