004 Whatweb | Elearn Portal

Autoplay
Autocomplete

Previous Lesson Complete and Continue

Web Security Expert - Penetration Testing & Bug Bounty

01 Introduction To Bug Bounty

1. What is Penetration Testing _ (5:43)
2.What is Bug Bounty _ (6:35)

02 Our Virtual Lab Setup

001 Virtual Box, Kali Linux Download (11:09)
002 Important - New Kali Linux Categories (1:26)
003 Kali Linux Installation (12:14)
004 OWASPBWA Installation (8:35)
005 Creating TryHackMe Account (2:47)
006 2 Paths (2:05)

03 Website Enumeration & Information Gathering

001 Website Enumeration - Theory (4:59)
002 Google Dorks (11:28)
003 Ping, Host, Nslookup (7:21)
004 Whatweb (8:52)
005 Dirb (6:20)
006 Nmap (11:28)
007 Nikto (6:32)

04 Introduction To Burpsuite

001 Burpsuite Configuration (7:47)
002 Burpsuite Intercept (7:27)
003 Burpsuite Repeater (7:48)
004 Burpsuite Intruder (9:20)

05 HTML Injection

001 HTML Injection - Theory (3:24)
002 HTML Injection 1 on TryHackMe (9:01)
003 HTML Injection 2 - Injecting User-Agent Header (3:49)
004 Injecting Cookie Field and Redirecting The Page (5:23)
005 Advance Example of HTML Injection (13:18)

06 Command Injection_Execution

001 Command Injection Theory (4:14)
002 Command Injection On TryHackMe and Blind Command Injection (9:55)
003 Solving Challenges With Command Injection (9:30)
004 Running PHP Reverse Shell With Command Execution Vulnerability (7:26)
005 Bypassing Input Filter And Executing Command (7:25)

07 Broken Authentication

001 Broken Authentication Theory (4:23)
002 Broken Authentication On TryHackMe (6:00)
003 Broken Authentication Via Cookie (4:30)
004 Basic Authorization in HTTP Request (6:34)
005 Forgot Password Challenge (8:21)
006 Session Fixation Challenge (5:09)

08 Bruteforce Attacks

001 Cluster Bomb Bruteforce (6:38)
002 Hydra Bwapp Form Bruteforce (12:20)
003 Hydra Post Request Form Bruteforce (5:24)
004 Bonus - Hydra SSH Attack (4:15)

09 Sensitive Data Exposure

001 Sensitive Data Exposure Example (10:11)

10 Broken Access Control

001 Broken Access Control - Theory (6:27)
002 Accessing passwd With BAC (4:24)
003 Ticket Price IDOR (6:33)

11 Security Misconfiguration

001 Security Misconfiguration - Default App Credentials (4:41)

12 Cross Site Scripting - XSS

001 XSS Theory (6:12)
002 Changing Page Content With XSS (10:53)
003 Bypassing Simple Filter (3:48)
004 Downloading a File With XSS Vulnerability (9:05)
005 DOM XSS Password Generator (5:35)
006 JSON XSS (8:09)
007 Old Vulnerable Real Applications (4:11)

13 SQL Injection

001 SQL Injection Theory (4:00)
002 Guide To Exploiting SQL Injection (8:00)
003 Getting Entire Database (5:25)
004 Extracting Passwords From Database (19:43)
005 Bypassing Filter In SQL Query (6:06)
006 Blind SQL Injection (11:38)

14 XML, XPath Injection, XXE

001 XPath Injection (6:23)
002 XPath Injection 2 (3:57)
003 XXE (7:22)

15 Components With Known Vulnerabilities

001 Components With Known Vulnerabilities Example (10:06)

16 Insufficient Logging And Monitoring

001 Insufficient Logging And Monitoring Example (4:01)

17 Monetizing Bug Hunting

001 Whats Next & How To Earn Money By Finding Vulnerabilities _ (11:35)

18 Bonus - Web Developer Fundamentals

001 Browsing the Web (6:00)
002 Breaking Google (3:00)
003 The Internet Backbone (5:29)
004 Traceroute (2:24)
005 HTML, CSS, Javascript (5:04)
006 Build Your First Website (7:50)
007 HTML Tags (8:39)
008 Your First CSS (13:42)
009 What Is Javascript_ (5:33)
010 Your First Javascript (11:41)
011 Javascript On Our Webpage (9:05)
012 HTTP_HTTPS (19:58)
013 Introduction To Databases (10:54)
014 SQL_ Create Table (5:15)
015 SQL_ Insert Into + Select (4:33)
016 What is PHP_ (5:16)

19 Bonus - Linux Terminal

001 Linux 1 - ls, cd, pwd, touch (13:46)
002 Linux 2 - sudo, nano, clear (7:00)
003 Linux 3 - ifconfig, nslookup, host (7:34)

Teach online with

004 Whatweb

Lesson content locked

If you're already enrolled, you'll need to login.

Enroll in Course to Unlock