01 INTRODUCTION
02 INFORMATION GATHERING BASIC TERMINOLOGIES
03 INTRODUCTION OF BURP SUITE
04 COMPREHENSIVE XSS
-
008 Background-Concept-XSS (7:07)
-
009 Basic XSS (13:14)
-
010 Basic XSS on Lab (17:30)
-
011 Manual Building XSS Vector (17:59)
-
012 XSS through Filter Bypassed XSS payloads On Lab (10:54)
-
013 XSS On Live Websites (16:59)
-
014 XSS Hunting Live Part 1 (8:32)
-
015 XSS Hunting Live Part 2 (12:54)
-
016 XSS Hunting Live Part 3 (6:40)
-
017 XSS Through Header Parameter (3:40)
-
018 Reflected XSS Vs Stored XSS (3:35)
-
019 Exploitation of XSS - 1. URL Redirection (1:38)
-
020 Exploitation of XSS - 2. Phishing Through XSS (2:48)
-
021 Exploitation of XSS - 3. Cookie Stealing (6:41)
-
022 XSS Through File Uploading (3:40)
-
023 XSS Through Remote File Inclusion (1:33)
-
024 Convert Self XSS to Reflected XSS (2:46)
-
025 POC - 1 XSS Attack (1:44)
-
026 POC - 2 XSS Attack (0:58)
-
027 POC - 3 XSS Attack (1:09)
-
028 POC 4 XSS Attack (1:12)
-
029 POC 5 XSS Attack (1:31)
-
030 POC 6 XSS Attack (2:45)
-
031 POC 7 XSS Attack (0:57)
-
032 POC 8 XSS Attack (2:03)
05 HOST HEADER INJECTION
-
033 Overview of Host Header Injection (1:53)
-
034 Host Header Attack 1. Open Redirection (6:59)
-
035 Host Header Attack 2. Cache Poisoning (1:38)
-
036 Host Header Attack 3. Password Reset Poisoning (3:48)
-
037 Host Header Attack 4. XSS Through Host Header (2:42)
-
038 POC - 1 Host Header attack (0:50)
-
039 POC - 2 Host Header Attack (0:55)
-
040 POC - 3 Host Header Attack (0:53)
-
041 POC -4 Host Header Attack (0:51)
-
042 POC - 5 Host Header Attack (1:02)
-
043 POC - 6 Host Header Attack (1:20)
-
044 POC - 7 Host Header Attack (0:38)
06 URL REDIRECTION
-
045 Background Concept about URL Redirection (1:36)
-
045 URL-Redirection-Background
-
046 URL Redirection Through Get Parameter (9:50)
-
046 URL-Redirection-Through-Get-Parameter
-
047 URL Redirection Through Path Fragments (6:42)
-
048 POC of URL Redirection 1 (0:20)
-
050 POC 3 Open Redirection Vulnerability (0:27)
-
051 POC 4 Open Redirection Vulnerability (0:40)
-
052 POC 5 Open Redirection Vulnerability (1:01)
-
053 POC 6 Open Redirection Vulnerability Discovered by Dawood Ansar (1:18)
07 PARAMETER TAMPERING
-
054 Background Concept about Parameter Tampering (3:07)
-
054 Background-Parameter-Tampering
-
055 Parameter Tampering - Example 1 (3:56)
-
056 Parameter Tampering - Example 2 (2:58)
-
057 Parameter Tampering - Example 3 (3:18)
-
058 Parameter Tampering - Example 4 (4:32)
-
059 Parameter Tampering - Example 5 (4:22)
08 HTML INJECTION
09 FILE INCLUSION
10 MISSING INSUFFICIENT SPF RECORD
-
071 Background-SPF
-
071 Background Concept about Missing insufficient SPF record (2:16)
-
072 Testing-SPF
-
072 Testing SPF (3:08)
-
073 Exploitation of SPF (5:21)
-
074 POC 1 SPF (1:31)
-
075 POC 2 - SPF Vulnerability (1:17)
-
076 POC 3 - SPF Vulnerability (1:28)
-
077 POC 4 - SPF Vulnerability (1:48)
-
078 POC 5 - SPF Vulnerability (1:15)
11 INSECURE CORS CONFIGURATION
-
079 Background-Concept-Insecure-CORS
-
079 Background Concept about CORS (3:03)
-
080 Insecure-CORS-Response-Header
-
080 Insecure CORS by Checking Response Header (6:05)
-
081 Insecure CORS through Request Header (6:55)
-
081 Insecure-CORS-Through-Request-Header
-
082 exploitation-cors
-
082 Exploitation of Insecure CORS (11:20)
12 SERVER SIDE REQUEST FORGERY
13 CRITICAL FILE FOUND
14 SOURCE CODE DISCLOSURE
15 CROSS SITE REQUEST FORGERY
16 HOSTILE SUBDOMAIN TAKEOVER
17 SQL INJECTION
18 COMMAND INJECTION
19 FILE UPLOADING
20 XML EXTERNAL ENTITY INJECTION
21 THANK YOU
