Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Web Security Expert - Penetration Testing & Bug Bounty
01 Introduction To Bug Bounty
1. What is Penetration Testing _ (5:43)
2.What is Bug Bounty _ (6:35)
02 Our Virtual Lab Setup
001 Virtual Box, Kali Linux Download (11:09)
002 Important - New Kali Linux Categories (1:26)
003 Kali Linux Installation (12:14)
004 OWASPBWA Installation (8:35)
005 Creating TryHackMe Account (2:47)
006 2 Paths (2:05)
03 Website Enumeration & Information Gathering
001 Website Enumeration - Theory (4:59)
002 Google Dorks (11:28)
003 Ping, Host, Nslookup (7:21)
004 Whatweb (8:52)
005 Dirb (6:20)
006 Nmap (11:28)
007 Nikto (6:32)
04 Introduction To Burpsuite
001 Burpsuite Configuration (7:47)
002 Burpsuite Intercept (7:27)
003 Burpsuite Repeater (7:48)
004 Burpsuite Intruder (9:20)
05 HTML Injection
001 HTML Injection - Theory (3:24)
002 HTML Injection 1 on TryHackMe (9:01)
003 HTML Injection 2 - Injecting User-Agent Header (3:49)
004 Injecting Cookie Field and Redirecting The Page (5:23)
005 Advance Example of HTML Injection (13:18)
06 Command Injection_Execution
001 Command Injection Theory (4:14)
002 Command Injection On TryHackMe and Blind Command Injection (9:55)
003 Solving Challenges With Command Injection (9:30)
004 Running PHP Reverse Shell With Command Execution Vulnerability (7:26)
005 Bypassing Input Filter And Executing Command (7:25)
07 Broken Authentication
001 Broken Authentication Theory (4:23)
002 Broken Authentication On TryHackMe (6:00)
003 Broken Authentication Via Cookie (4:30)
004 Basic Authorization in HTTP Request (6:34)
005 Forgot Password Challenge (8:21)
006 Session Fixation Challenge (5:09)
08 Bruteforce Attacks
001 Cluster Bomb Bruteforce (6:38)
002 Hydra Bwapp Form Bruteforce (12:20)
003 Hydra Post Request Form Bruteforce (5:24)
004 Bonus - Hydra SSH Attack (4:15)
09 Sensitive Data Exposure
001 Sensitive Data Exposure Example (10:11)
10 Broken Access Control
001 Broken Access Control - Theory (6:27)
002 Accessing passwd With BAC (4:24)
003 Ticket Price IDOR (6:33)
11 Security Misconfiguration
001 Security Misconfiguration - Default App Credentials (4:41)
12 Cross Site Scripting - XSS
001 XSS Theory (6:12)
002 Changing Page Content With XSS (10:53)
003 Bypassing Simple Filter (3:48)
004 Downloading a File With XSS Vulnerability (9:05)
005 DOM XSS Password Generator (5:35)
006 JSON XSS (8:09)
007 Old Vulnerable Real Applications (4:11)
13 SQL Injection
001 SQL Injection Theory (4:00)
002 Guide To Exploiting SQL Injection (8:00)
003 Getting Entire Database (5:25)
004 Extracting Passwords From Database (19:43)
005 Bypassing Filter In SQL Query (6:06)
006 Blind SQL Injection (11:38)
14 XML, XPath Injection, XXE
001 XPath Injection (6:23)
002 XPath Injection 2 (3:57)
003 XXE (7:22)
15 Components With Known Vulnerabilities
001 Components With Known Vulnerabilities Example (10:06)
16 Insufficient Logging And Monitoring
001 Insufficient Logging And Monitoring Example (4:01)
17 Monetizing Bug Hunting
001 Whats Next & How To Earn Money By Finding Vulnerabilities _ (11:35)
18 Bonus - Web Developer Fundamentals
001 Browsing the Web (6:00)
002 Breaking Google (3:00)
003 The Internet Backbone (5:29)
004 Traceroute (2:24)
005 HTML, CSS, Javascript (5:04)
006 Build Your First Website (7:50)
007 HTML Tags (8:39)
008 Your First CSS (13:42)
009 What Is Javascript_ (5:33)
010 Your First Javascript (11:41)
011 Javascript On Our Webpage (9:05)
012 HTTP_HTTPS (19:58)
013 Introduction To Databases (10:54)
014 SQL_ Create Table (5:15)
015 SQL_ Insert Into + Select (4:33)
016 What is PHP_ (5:16)
19 Bonus - Linux Terminal
001 Linux 1 - ls, cd, pwd, touch (13:46)
002 Linux 2 - sudo, nano, clear (7:00)
003 Linux 3 - ifconfig, nslookup, host (7:34)
Teach online with
003 Burpsuite Repeater
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock