486 B
486 B
- In OWASP Broken Web Applications Project, use either the
- OWASP Mutillidae II
- or DVWA
- Demonstrate you can obtain a shell with the following
- An LFI vulnerability in the web application with file upload;
- An LFI vulnerability in the web application with contaminated logs; and
- An RFI vulnerability in the web application.
- Demonstrate attacks using SQL injection and Cross Site Scripting
- Provide documentation and proof of useful attacks in your report