4.crt.sh | Elearn Portal

Autoplay
Autocomplete

Previous Lesson Complete and Continue

Bug Bounty - Web Hacking

1.INTRODUCTION

1.Promo (0:57)
2.Introduction (1:14)
3.Disclaimer (0:38)
4.Make Kali Linux Bootable (3:50)
5.Set up Kali Linux in Vmware (2:25)
6.Kali Linux Latest Version (3:41)
7.Setting up Metasploitable (1:29)

2.LET'S GET STARTED

2. Free VPN to hide your location (2:11)
3.DVWA installation in windows (4:30)
1.Github (2:38)

3.TOOLS

4.WORDPRESS HACKING

1.WP Scan (4:40)
2.WP Scan Codex (4:48)
3.WP Scan Template Monster (7:34)
4.WP Scan theme (3:21)
5.WP Scan User (1:04)
6.CMS Map (2:35)

5.CROSS-SITE SCRIPTING (XSS)

1.XSS Demo (2:39)
2.Manual building xss vector 1 (3:00)
3.Manual building xss vector 2 (2:34)
4.Manual building xss vector 3 (2:32)
5. Exploitation of XSS Phishing Through XSS (2:16)
6.XSS Through Filter Bypassed XSS payloads on Lab (3:21)
7.XSS Lenovo Yahoo (1:30)
8.XSS Uber (2:38)
9.XSS Paypal (1:38)
10.XSS WhatsApp Facebook (1:45)
11.Counter Measures for XSS (2:21)

6.SQL INJECTION (SQLI)

1.SQL Drupal (2:33)
2.Facebook SQL Injection (1:45)
3. Scanning for SQL injection using nmap (2:04)
4.Counter Measures for SQL (2:48)
5.Template Injection (1:39)
6.Checking vulnerable website (2:03)
7.Manipulating Parameters (1:53)

7.CLICKJACKING

1.Clickjacking (2:37)
2.Clickjacking Report (1:16)
3.Clickjacking Injection Similar Report (1:12)
4.IFrame Demo (0:48)

8.OPEN REDIRECT VULNERABILITY

1.Open Redirect Report (2:20)
2.Open Redirect Similar Report (1:05)

9.CROSS-SITE REQUEST FORGERY (CSRF)

1.CSRF (Change Password) Demo (1:23)
2.CSRF Injection (1:58)
3.CSRF Townwars (0:56)
4.CRF Badoo (2:07)
5.CRLF Injection Similar Report (1:17)
6.Shellshock (1:08)
7. SSRF (1:26)
8.SSRF Similar Report (1:33)

10.FULL PATH DISCLOSURE

4.Insecure Direct object References (2:10)
1.Full Path Disclosure (2:01)
2.Full Path Disclosure Similar Report (0:54)
3.Insecure Cryptographic Storage (1:51)

11.BROKEN AUTHENTICATION AND SESSION MANAGEMENT

1.Authorization (4:14)
2.Broken Auth - Insecure Login Forms demo (1:32)
3.Broken authentication logout management (1:21)
4.Privilege (1:46)
5.Privilege bookfresh (1:26)
6.Testing for privilege (1:50)
7.Session Mgmt - Administrative Portals (0:41)
8.session report (2:51)
9.Application Logic Report (1:56)
10.Application Logic similar Report (1:20)

12.HTML INJECTION

1.HTML Injection Detection (2:56)
3.HTML Injection similar Report (1:05)
2.html injection report (2:34)
4.html injection demo (2:10)
5.XML external entity (1:38)
6.XXE similar Reports (1:09)

13.SUB DOMAIN TAKE OVER

1.sub domain take over (3:21)
2.Sub Domain Take Over Report (1:44)
3.Remote file Insulation (1:40)

14.REMOTE CODE EXECUTION

1.Remote Code Execution (1:51)
2. Remote Code Execution similar Reports (0:57)
3.Cookies (3:27)
4.crt.sh (1:25)
5.Sensitive Data Exposure (2:12)
6.Buffer Overflow (3:33)
7.Buffer Overflow Similar Report (1:22)
8.IDOR (1:35)
9.IDOR Similar Report (1:08)
10.DNS misconfiguration (2:29)
11.DNS Misconfiguration Similar Reports (1:21)

15.DENAIL OF SERVICE (DOS)

1.Denail of service (DoS) (2:33)
2.Bruteforce (3:12)
3.DOS report (1:45)
4.DOS similar report (1:15)
5.Finding Report using Google (4:08)
6.Searching Similar Reports (1:57)
7.HTTP Parameter Pollution (1:31)
8.OSINT (1:43)

16.MISCELLANEOUS

1.DVWA Security Setup (1:34)
2.Command Injection On Lab (4:38)
3.Detecting and Exploiting File Upload Vulnerabilities_Z_ (3:42)
4.Using ZAP to Scan Target Website For Vulnerabilities (2:46)
5.Analysing Scan Result (2:04)
6.SPF Record Validation (2:42)
7.Code Disclosure on Lab (4:12)
8.where you can find vulnerabilities (3:25)
9.Information Disclosure - Robots File (3:07)
10.Unrestricted File Upload (3:04)

17.METHODOLOGY

1.Methodology (5:01)
2.Analyze the Application (1:57)
3.Test Client-side Controls (2:22)
4.Authentication Mechanism (2:49)
5.Test Session (3:47)
6.Test Access Control (1:47)
7.Test for input-based vulnerabilities (3:02)
8.Test for Function (3:44)

Teach online with

4.crt.sh

Lesson content locked

If you're already enrolled, you'll need to login.

Enroll in Course to Unlock