Hacking course

Hacking course

Anonymous



Content List:


Phase 1 – History

Phase 2 – Web and Server Technology

Phase 3 – Setting up the lab with BurpSuite and bWAPP

Phase 4 – Mapping the application and attack surface

Phase 5 – Understanding and exploiting OWASP top 10 vulnerabilities

Phase 6 – Session management testing

Phase 7 – Bypassing client-side controls

Phase 8 – Attacking authentication/login

Phase 9 - Attacking access controls (IDOR, Priv esc, hidden files and directories)

Phase 10 – Attacking Input validations (All injections, XSS and mics)

Phase 11 – Generating and testing error codes

Phase 12 – Weak cryptography testing

Phase 13 – Business logic vulnerability

Web Application Penetration Testing


Phase 1 – History


History of the Internet - https://www.youtube.com/watch?v=9hIQjrMHTv4 21


Phase 2 – Web and Server Technology


Basic concepts of web applications, how they work and the HTTP protocol - https://www.youtube.com/watch?v=RsQ1tFLwldY&t=7s 10

HTML basics part 1 - https://www.youtube.com/watch?v=p6fRBGI_BY0 7

HTML basics part 2 - https://www.youtube.com/watch?v=Zs6lzuBVK2w 5

Difference between static and dynamic website - https://www.youtube.com/watch?v=hlg6q6OFoxQ

HTTP protocol Understanding - https://www.youtube.com/watch?v=JFZMyhRTVt0 2

Parts of HTTP Request -https://www.youtube.com/watch?v=pHFWGN-upGM 1

Parts of HTTP Response - https://www.youtube.com/watch?v=c9sMNc2PrMU 1

Various HTTP Methods - https://www.youtube.com/watch?v=PO7D20HsFsY 1

Understanding URLS - https://www.youtube.com/watch?v=5Jr-_Za5yQM 2

Intro to REST - https://www.youtube.com/watch?v=YCcAE2SCQ6k 1

HTTP Request & Response Headers - https://www.youtube.com/watch?v=vAuZwirKjWs

What is a cookie - https://www.youtube.com/watch?v=I01XMRo2ESg 1

HTTP Status codes - https://www.youtube.com/watch?v=VLH3FMQ5BIQ 1

HTTP Proxy - https://www.youtube.com/watch?v=qU0PVSJCKcs 1

Authentication with HTTP - https://www.youtube.com/watch?v=GxiFXUFKo1M 1

HTTP basic and digest authentication - https://www.youtube.com/watch?v=GOnhCbDhMzk 1

What is “Server-Side” - https://www.youtube.com/watch?v=JnCLmLO9LhA 1

Server and client side with example - https://www.youtube.com/watch?v=DcBB2Fp8WNI

What is a session - https://www.youtube.com/watch?v=WV4DJ6b0jhg&t=202s

Introduction to UTF-8 and Unicode - https://www.youtube.com/watch?v=sqPTR_v4qFA

URL encoding - https://www.youtube.com/watch?v=Z3udiqgW1VA

HTML encoding - https://www.youtube.com/watch?v=IiAfCLWpgII&t=109s

Base64 encoding - https://www.youtube.com/watch?v=8qkxeZmKmOY 3

Hex encoding & ASCII - https://www.youtube.com/watch?v=WW2SaCMnHdU 2


Phase 3 – Setting up the lab with BurpSuite and bWAPP


MANISH AGRAWAL


Setup lab with bWAPP - https://www.youtube.com/watch?v=dwtUn3giwTk&index=1&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV 11

Set up Burp Suite - https://www.youtube.com/watch?v=hQsT4rSa_v0&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=2 2

Configure Firefox and add certificate - https://www.youtube.com/watch?v=hfsdJ69GSV4&index=3&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV

Mapping and scoping website - https://www.youtube.com/watch?v=H-_iVteMDRo&index=4&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV

Spidering - https://www.youtube.com/watch?v=97uMUQGIe14&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=5 6

Active and passive scanning - https://www.youtube.com/watch?v=1Mjom6AcFyU&index=6&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV 1

Scanner options and demo - https://www.youtube.com/watch?v=gANi4Kt7-ek&index=7&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV 1

Introduction to password security - https://www.youtube.com/watch?v=FwcUhcLO9iM&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=8 3

Intruder - https://www.youtube.com/watch?v=wtMg9oEMTa8&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=9

Intruder attack types - https://www.youtube.com/watch?v=N5ndYPwddkQ&index=10&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV

Payload settings - https://www.youtube.com/watch?v=5GpdlbtL-1Q&index=11&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV

Intruder settings - https://www.youtube.com/watch?v=B_Mu7jmOYnU&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=12


ÆTHER SECURITY LAB


No.1 Penetration testing tool - https://www.youtube.com/watch?v=AVzC7ETqpDo&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=1 6

Environment Setup - https://www.youtube.com/watch?v=yqnUOdr0eVk&index=2&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA 1

General concept - https://www.youtube.com/watch?v=udl4oqr_ylM&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=3

Proxy module - https://www.youtube.com/watch?v=PDTwYFkjQBE&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=4 2

Repeater module - https://www.youtube.com/watch?v=9Zh_7s5csCc&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=5

Target and spider module - https://www.youtube.com/watch?v=dCKPZUSOlr8&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=6

Sequencer and scanner module - https://www.youtube.com/watch?v=G-v581pXerE&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=7


Phase 4 – Mapping the application and attack surface


Spidering - https://www.youtube.com/watch?v=97uMUQGIe14&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=5 7

Mapping application using robots.txt - https://www.youtube.com/watch?v=akuzgZ75zrk 1

Discover hidden contents using dirbuster - https://www.youtube.com/watch?v=--nu9Jq07gA 1

Dirbuster in detail - https://www.youtube.com/watch?v=2tOQC68hAcQ 1

Discover hidden directories and files with intruder - https://www.youtube.com/watch?v=4Fz9mJeMNkI

Directory bruteforcing 1 - https://www.youtube.com/watch?v=ch2onB_LFoI

Directory bruteforcing 2 - https://www.youtube.com/watch?v=ASMW_oLbyIg

Identify application entry points - https://www.youtube.com/watch?v=IgJWPZ2OKO8&t=34s

Identify application entry points - https://www.owasp.org/index.php/Identify_application_entry_points_(OTG-INFO-006)

Identify client and server technology - https://www.youtube.com/watch?v=B8jN_iWjtyM

Identify server technology using banner grabbing (telnet) - https://www.youtube.com/watch?v=O67M-U2UOAg

Identify server technology using httprecon - https://www.youtube.com/watch?v=xBBHtS-dwsM

Pentesting with Google dorks Introduction - https://www.youtube.com/watch?v=NmdrKFwAw9U

Fingerprinting web server - https://www.youtube.com/watch?v=tw2VdG0t5kc&list=PLxLRoXCDIalcRS5Nb1I_HM_OzS10E6lqp&index=10

Use Nmap for fingerprinting web server - https://www.youtube.com/watch?v=VQV-y_-AN80

Review webs servers metafiles for information leakage - https://www.youtube.com/watch?v=sds3Zotf_ZY

Enumerate applications on web server - https://www.youtube.com/watch?v=lfhvvTLN60E

Identify application entry points - https://www.youtube.com/watch?v=97uMUQGIe14&list=PLDeogY2Qr-tGR2NL2X1AR5Zz9t1iaWwlM

Map execution path through application - https://www.youtube.com/watch?v=0I0NPiyo9UI

Fingerprint web application frameworks - https://www.youtube.com/watch?v=ASzG0kBoE4c


Phase 5 – Understanding and exploiting OWASP top 10 vulnerabilities


A closer look at all owasp top 10 vulnerabilities - https://www.youtube.com/watch?v=avFR_Af0KGk


IBM


Injection - https://www.youtube.com/watch?v=02mLrFVzIYU&index=1&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d 7

Broken authentication and session management - https://www.youtube.com/watch?v=iX49fqZ8HGA&index=2&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d 3

Cross-site scripting - https://www.youtube.com/watch?v=x6I5fCupLLU&index=3&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d 4

Insecure direct object reference - https://www.youtube.com/watch?v=-iCyp9Qz3CI&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d&index=4

Security misconfiguration - https://www.youtube.com/watch?v=cIplXL8idyo&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d&index=5

Sensitive data exposure - https://www.youtube.com/watch?v=rYlzTQlF8Ws&index=6&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d 1

Missing functional level access controls - https://www.youtube.com/watch?v=VMv_gyCNGpk&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d&index=7

Cross-site request forgery - https://www.youtube.com/watch?v=_xSFm3KGxh0&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d&index=8 3

Using components with known vulnerabilities - https://www.youtube.com/watch?v=bhJmVBJ-F-4&index=9&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d

Unvalidated redirects and forwards - https://www.youtube.com/watch?v=L6bYKiLtSL8&index=10&list=PLoyY7ZjHtUUVLs2fy-ctzZDSPpawuQ28d 1


F5 CENTRAL


Injection - https://www.youtube.com/watch?v=rWHvp7rUka8&index=1&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD 2

Broken authentication and session management - https://www.youtube.com/watch?v=mruO75ONWy8&index=2&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD

Insecure deserialisation - https://www.youtube.com/watch?v=nkTBwbnfesQ&index=8&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD 1

Sensitive data exposure - https://www.youtube.com/watch?v=2RKbacrkUBU&index=3&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD 1

Broken access control - https://www.youtube.com/watch?v=P38at6Tp8Ms&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD&index=5

Insufficient logging and monitoring - https://www.youtube.com/watch?v=IFF3tkUOF5E&index=10&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD

XML external entities - https://www.youtube.com/watch?v=g2ey7ry8_CQ&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD&index=4

Using components with known vulnerabilities - https://www.youtube.com/watch?v=IGsNYVDKRV0&index=9&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD

Cross-site scripting - https://www.youtube.com/watch?v=IuzU4y-UjLw&index=7&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD

Security misconfiguration - https://www.youtube.com/watch?v=JuGSUMtKTPU&index=6&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD


LUKE BRINER


Injection explained - https://www.youtube.com/watch?v=1qMggPJpRXM&index=1&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X 1

Broken authentication and session management - https://www.youtube.com/watch?v=fKnG15BL4AY&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X&index=2

Cross-site scripting - https://www.youtube.com/watch?v=ksM-xXeDUNs&index=3&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X

Insecure direct object reference - https://www.youtube.com/watch?v=ZodA76-CB10&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X&index=4

Security misconfiguration - https://www.youtube.com/watch?v=DfFPHKPCofY&index=5&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X

Sensitive data exposure - https://www.youtube.com/watch?v=Z7hafbGDVEE&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X&index=6

Missing functional level access control - https://www.youtube.com/watch?v=RGN3w831Elo&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X&index=7

Cross-site request forgery - https://www.youtube.com/watch?v=XRW_US5BCxk&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X&index=8 1

Components with known vulnerabilities - https://www.youtube.com/watch?v=pbvDW9pJdng&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X&index=9

Unvalidated redirects and forwards - https://www.youtube.com/watch?v=bHTglpgC5Qg&list=PLpNYlUeSK_rkrrBox-xvSkm5lgaDqKa0X&index=10


Phase 6 – Session management testing


Bypass authentication using cookie manipulation - https://www.youtube.com/watch?v=mEbmturLljU 4

Cookie Security Via httponly and secure Flag - OWASP - https://www.youtube.com/watch?v=3aKA4RkAg78 1

Penetration testing Cookies basic - https://www.youtube.com/watch?v=_P7KN8T1boc 3

Session fixation 1 - https://www.youtube.com/watch?v=ucmgeHKtxaI

Session fixation 2 - https://www.youtube.com/watch?v=0Tu1qxysWOk 1

Session fixation 3 - https://www.youtube.com/watch?v=jxwgpWvRUSo 1

Session fixation 4 - https://www.youtube.com/watch?v=eUbtW0Z0W1g

CSRF - Cross site request forgery 1 - https://www.youtube.com/watch?v=m0EHlfTgGUU 2

CSRF - Cross site request forgery 2 - https://www.youtube.com/watch?v=H3iu0_ltcv4

CSRF - Cross site request forgery 3 - https://www.youtube.com/watch?v=1NO4I28J-0s

CSRF - Cross site request forgery 4 - https://www.youtube.com/watch?v=XdEJEUJ0Fr8

CSRF - Cross site request forgery 5 - https://www.youtube.com/watch?v=TwG0Rd0hr18

Session puzzling 1 - https://www.youtube.com/watch?v=YEOvmhTb8xA

Admin bypass using session hijacking - https://www.youtube.com/watch?v=1wp1o-1TfAc 1


Phase 7 – Bypassing client-side controls


What is hidden forms in HTML - https://www.youtube.com/watch?v=orUoGsgaYAE

Bypassing hidden form fields using tamper data - https://www.youtube.com/watch?v=NXkGX2sPw7I 1

Bypassing hidden form fields using Burp Suite (Purchase application) - https://www.youtube.com/watch?v=xahvJyUFTfM

Changing price on eCommerce website using parameter tampering - https://www.youtube.com/watch?v=A-ccNpP06Zg

Understanding cookie in detail - https://www.youtube.com/watch?v=_P7KN8T1boc&list=PLWPirh4EWFpESKWJmrgQwmsnTrL_K93Wi&index=18

Cookie tampering with tamper data- https://www.youtube.com/watch?v=NgKXm0lBecc

Cookie tamper part 2 - https://www.youtube.com/watch?v=dTCt_I2DWgo

Understanding referer header in depth using Cisco product - https://www.youtube.com/watch?v=GkQnBa3C7WI&t=35s

Introduction to ASP.NET viewstate - https://www.youtube.com/watch?v=L3p6Uw6SSXs

ASP.NET viewstate in depth - https://www.youtube.com/watch?v=Fn_08JLsrmY

Analyse sensitive data in ASP.NET viewstate - https://msdn.microsoft.com/en-us/library/ms972427.aspx?f=255&MSPPError=-2147217396

Cross-origin-resource-sharing explanation with example - https://www.youtube.com/watch?v=Ka8vG5miErk

CORS demo 1 - https://www.youtube.com/watch?v=wR8pjTWaEbs 1

CORS demo 2 - https://www.youtube.com/watch?v=lg31RYYG-T4

Security headers - https://www.youtube.com/watch?v=TNlcoYLIGFk

Security headers 2 - https://www.youtube.com/watch?v=ZZUvmVkkKu4 1


Phase 8 – Attacking authentication/login


Attacking login panel with bad password - Guess username password for the website and try different combinations

Brute-force login panel - https://www.youtube.com/watch?v=25cazx5D_vw 1

Username enumeration - https://www.youtube.com/watch?v=WCO7LnSlskE 1

Username enumeration with bruteforce password attack - https://www.youtube.com/watch?v=zf3-pYJU1c4

Authentication over insecure HTTP protocol - https://www.youtube.com/watch?v=ueSG7TUqoxk

Authentication over insecure HTTP protocol - https://www.youtube.com/watch?v=WQe36pZ3mA

Forgot password vulnerability - case 1 - https://www.youtube.com/watch?v=FEUidWWnZwU

Forgot password vulnerability - case 2 - https://www.youtube.com/watch?v=j7-8YyYdWL4 1

Login page autocomplete feature enabled - https://www.youtube.com/watch?v=XNjUfwDmHGc&t=33s

Testing for weak password policy - https://www.owasp.org/index.php/Testing_for_Weak_password_policy 1(OTG-AUTHN-007)

Insecure distribution of credentials - When you register in any website or you request for a password reset using forgot password feature, if the website sends your username and password over the email in cleartext without sending the password reset link, then it is a vulnerability.

Test for credentials transportation using SSL/TLS certificate - https://www.youtube.com/watch?v=21_IYz4npRs

Basics of MySQL - https://www.youtube.com/watch?v=yPu6qV5byu4

Testing browser cache - https://www.youtube.com/watch?v=2T_Xz3Humdc

Bypassing login panel -case 1 - https://www.youtube.com/watch?v=TSqXkkOt6oM

Bypass login panel - case 2 - https://www.youtube.com/watch?v=J6v_W-LFK1c 1


Phase 9 - Attacking access controls (IDOR, Priv esc, hidden files and directories)


Completely unprotected functionalities

Finding admin panel - https://www.youtube.com/watch?v=r1k2lgvK3s0 1

Finding admin panel and hidden files and directories - https://www.youtube.com/watch?v=Z0VAPbATy1A

Finding hidden webpages with dirbusater - https://www.youtube.com/watch?v=--nu9Jq07gA&t=5s


Insecure direct object reference

IDOR case 1 - https://www.youtube.com/watch?v=gci4R9Vkulc 1

IDOR case 2 - https://www.youtube.com/watch?v=4DTULwuLFS0

IDOR case 3 (zomato) - https://www.youtube.com/watch?v=tCJBLG5Mayo 1


Privilege escalation

What is privilege escalation - https://www.youtube.com/watch?v=80RzLSrczmc

Privilege escalation - Hackme bank - case 1 - https://www.youtube.com/watch?v=g3lv__87cWM

Privilege escalation - case 2 - https://www.youtube.com/watch?v=-i4O_hjc87Y


Phase 10 – Attacking Input validations (All injections, XSS and mics)


HTTP verb tampering

Introduction HTTP verb tampering - https://www.youtube.com/watch?v=Wl0PrIeAnhs

HTTP verb tampering demo - https://www.youtube.com/watch?v=bZlkuiUkQzE 2


HTTP parameter pollution

Introduction HTTP parameter pollution - https://www.youtube.com/watch?v=Tosp-JyWVS4 1

HTTP parameter pollution demo 1 - https://www.youtube.com/watch?v=QVZBl8yxVX0&t=11s

HTTP parameter pollution demo 2 - https://www.youtube.com/watch?v=YRjxdw5BAM0 1

HTTP parameter pollution demo 3 - https://www.youtube.com/watch?v=kIVefiDrWUw


XSS - Cross site scripting

Introduction to XSS - https://www.youtube.com/watch?v=gkMl1suyj3M 4

What is XSS - https://www.youtube.com/watch?v=cbmBDiR6WaY

Reflected XSS demo - https://www.youtube.com/watch?v=r79ozjCL7DA

XSS attack method using burpsuite - https://www.youtube.com/watch?v=OLKBZNw3OjQ 1

XSS filter bypass with Xenotix - https://www.youtube.com/watch?v=loZSdedJnqc

Reflected XSS filter bypass 1 - https://www.youtube.com/watch?v=m5rlLgGrOVA

Reflected XSS filter bypass 2 - https://www.youtube.com/watch?v=LDiXveqQ0gg 1

Reflected XSS filter bypass 3 - https://www.youtube.com/watch?v=hb_qENFUdOk

Reflected XSS filter bypass 4 - https://www.youtube.com/watch?v=Fg1qqkedGUk

Reflected XSS filter bypass 5 - https://www.youtube.com/watch?v=NImym71f3Bc

Reflected XSS filter bypass 6 - https://www.youtube.com/watch?v=9eGzAym2a5Q

Reflected XSS filter bypass 7 - https://www.youtube.com/watch?v=ObfEI84_MtM

Reflected XSS filter bypass 8 - https://www.youtube.com/watch?v=2c9xMe3VZ9Q

Reflected XSS filter bypass 9 - https://www.youtube.com/watch?v=-48zknvo7LM 1

Introduction to Stored XSS - https://www.youtube.com/watch?v=SHmQ3sQFeLE

Stored XSS 1 - https://www.youtube.com/watch?v=oHIl_pCahsQ

Stored XSS 2 - https://www.youtube.com/watch?v=dBTuWzX8hd0

Stored XSS 3 - https://www.youtube.com/watch?v=PFG0lkMeYDc

Stored XSS 4 - https://www.youtube.com/watch?v=YPUBFklUWLc

Stored XSS 5 - https://www.youtube.com/watch?v=x9Zx44EV-Og


SQL injection


Part 1 - Install SQLi lab - https://www.youtube.com/watch?v=NJ9AA1_t1Ic&index=23&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro 3

Part 2 - SQL lab series - https://www.youtube.com/watch?v=TA2h_kUqfhU&index=22&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

Part 3 - SQL lab series - https://www.youtube.com/watch?v=N0zAChmZIZU&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=21

Part 4 - SQL lab series - https://www.youtube.com/watch?v=6pVxm5mWBVU&index=20&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

Part 5 - SQL lab series - https://www.youtube.com/watch?v=0tyerVP9R98&index=19&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

Part 6 - Double query injection - https://www.youtube.com/watch?v=zaRlcPbfX4M&index=18&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

Part 7 - Double query injection cont… - https://www.youtube.com/watch?v=9utdAPxmvaI&index=17&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

Part 8 - Blind injection boolean based - https://www.youtube.com/watch?v=u7Z7AIR6cMI&index=16&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

Part 9 - Blind injection time based - https://www.youtube.com/watch?v=gzU1YBu_838&index=15&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

Part 10 - Dumping DB using outfile - https://www.youtube.com/watch?v=ADW844OA6io&index=14&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

Part 11 - Post parameter injection error based - https://www.youtube.com/watch?v=6sQ23tqiTXY&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=13

Part 12 - POST parameter injection double query based - https://www.youtube.com/watch?v=tjFXWQY4LuA&index=12&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

Part 13 - POST parameter injection blind boolean and time based - https://www.youtube.com/watch?v=411G-4nH5jE&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=10

Part 14 - Post parameter injection in UPDATE query - https://www.youtube.com/watch?v=2FgLcPuU7Vw&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=11

Part 15 - Injection in insert query - https://www.youtube.com/watch?v=ZJiPsWxXYZs&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=9

Part 16 - Cookie based injection - https://www.youtube.com/watch?v=-A3vVqfP8pA&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=8

Part 17 - Second order injection -https://www.youtube.com/watch?v=e9pbC5BxiAE&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=7 2

Part 18 - Bypassing blacklist filters - 1 - https://www.youtube.com/watch?v=5P-knuYoDdw&index=6&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

Part 19 - Bypassing blacklist filters - 2 - https://www.youtube.com/watch?v=45BjuQFt55Y&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=5

Part 20 - Bypassing blacklist filters - 3 - https://www.youtube.com/watch?v=c-Pjb_zLpH0&index=4&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

Part 21 - Bypassing WAF - https://www.youtube.com/watch?v=uRDuCXFpHXc&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=2 1

Part 22 - Bypassing WAF - Impedance mismatch - https://www.youtube.com/watch?v=ygVUebdv_Ws&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=3

Part 23 - Bypassing addslashes - charset mismatch - https://www.youtube.com/watch?v=du-jkS6-sbo&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=1


NoSQL injection

Introduction to NoSQL injection - https://www.youtube.com/watch?v=h0h37-Dwd_A 2

Introduction to SQL vs NoSQL - Difference between MySQL and MongoDB with tutorial - https://www.youtube.com/watch?v=QwevGzVu_zk

Abusing NoSQL databases - https://www.youtube.com/watch?v=lcO1BTNh8r8 1

Making cry - attacking NoSQL for pentesters - https://www.youtube.com/watch?v=NgsesuLpyOg


Xpath and XML injection

Introduction to Xpath injection - https://www.youtube.com/watch?v=2_UyM6Ea0Yk&t=3102s

Introduction to XML injection - https://www.youtube.com/watch?v=9ZokuRHo-eY 1

Practical 1 - bWAPP - https://www.youtube.com/watch?v=6tV8EuaHI9M

Practical 2 - Mutillidae - https://www.youtube.com/watch?v=fV0qsqcScI4

Practical 3 - webgoat - https://www.youtube.com/watch?v=5ZDSPVp1TpM

Hack admin panel using Xpath injection - https://www.youtube.com/watch?v=vvlyYlXuVxI

XXE demo - https://www.youtube.com/watch?v=3B8QhyrEXlU 1

XXE demo 2 - https://www.youtube.com/watch?v=UQjxvEwyUUw

XXE demo 3 - https://www.youtube.com/watch?v=JI0daBHq6fA


LDAP injection

Introduction and practical 1 - https://www.youtube.com/watch?v=-TXFlg7S9ks 1

Practical 2 - https://www.youtube.com/watch?v=wtahzm_R8e4


OS command injection

OS command injection in bWAPP - https://www.youtube.com/watch?v=qLIkGJrMY9k 1

bWAAP- OS command injection with Commiux (All levels) - https://www.youtube.com/watch?v=5-1QLbVa8YE


Local file inclusion

Detailed introduction - https://www.youtube.com/watch?v=kcojXEwolIs

LFI demo 1 - https://www.youtube.com/watch?v=54hSHpVoz7A

LFI demo 2 - https://www.youtube.com/watch?v=qPq9hIVtitI


Remote file inclusion

Detailed introduction - https://www.youtube.com/watch?v=MZjORTEwpaw

RFI demo 1 - https://www.youtube.com/watch?v=gWt9A6eOkq0 1

RFI introduction and demo 2 - https://www.youtube.com/watch?v=htTEfokaKsM


HTTP splitting/smuggling

Detailed introduction - https://www.youtube.com/watch?v=bVaZWHrfiPw

Demo 1 - https://www.youtube.com/watch?v=mOf4H1aLiiE 1


Phase 11 – Generating and testing error codes


Generating normal error codes by visiting files that may not exist on the server - for example visit chintan.php or chintan.aspx file on any website and it may redirect you to 404.php or 404.aspx or their customer error page. Check if an error page is generated by default web server or application framework or a custom page is displayed which does not display any sensitive information.

Use BurpSuite fuzzing techniques to generate stack trace error codes - https://www.youtube.com/watch?v=LDF6OkcvBzM


Phase 12 – Weak cryptography testing


SSL/TLS weak configuration explained - https://www.youtube.com/watch?v=Rp3iZUvXWlM 3

Testing weak SSL/TLS ciphers - https://www.youtube.com/watch?v=slbwCMHqCkc 1

Test SSL/TLS security with Qualys guard - https://www.youtube.com/watch?v=Na8KxqmETnw

Sensitive information sent via unencrypted channels - https://www.youtube.com/watch?v=21_IYz4npRs


Phase 13 – Business logic vulnerability


What is a business logic flaw - https://www.youtube.com/watch?v=ICbvQzva6lE&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI 2

The Difficulties Finding Business Logic Vulnerabilities with Traditional Security Tools - https://www.youtube.com/watch?v=JTMg0bhkUbo&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=2

How To Identify Business Logic Flaws - https://www.youtube.com/watch?v=FJcgfLM4SAY&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=3

Business Logic Flaws: Attacker Mindset - https://www.youtube.com/watch?v=Svxh9KSTL3Y&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=4

Business Logic Flaws: Dos Attack On Resource - https://www.youtube.com/watch?v=4S6HWzhmXQk&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=5

Business Logic Flaws: Abuse Cases: Information Disclosure - https://www.youtube.com/watch?v=HrHdUEUwMHk&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=6

Business Logic Flaws: Abuse Cases: iPod Repairman Dupes Apple - https://www.youtube.com/watch?v=8yB_ApVsdhA&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=7 2

Business Logic Flaws: Abuse Cases: Online Auction - https://www.youtube.com/watch?v=oa_UICCqfbY&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=8

Business Logic Flaws: How To Navigate Code Using ShiftLeft Ocular - https://www.youtube.com/watch?v=hz7IZu6H6oE&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=9

Business Logic Security Checks: Data Privacy Compliance - https://www.youtube.com/watch?v=qX2fyniKUIQ&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=10 2

Business Logic Security Checks: Encryption Compliance - https://www.youtube.com/watch?v=V8zphJbltDY&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=11 1

Business Logic Security: Enforcement Checks - https://www.youtube.com/watch?v=5e7qgY_L3UQ&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=12 2

Business Logic Exploits: SQL Injection - https://www.youtube.com/watch?v=hcIysfhA9AA&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=13

Business Logic Exploits: Security Misconfiguration - https://www.youtube.com/watch?v=ppLBtCQcYRk&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=15 2

Business Logic Exploits: Data Leakage - https://www.youtube.com/watch?v=qe0bEvguvbs&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=16 1

Demo 1 - https://www.youtube.com/watch?v=yV7O-QRyOao 5

Demo 2 - https://www.youtube.com/watch?v=mzjTG7pKmQI

Demo 3 - https://www.youtube.com/watch?v=A8V_58QZPMs 2

Demo 4 - https://www.youtube.com/watch?v=1pvrEKAFJyk 2

Demo 5 - https://hackerone.com/reports/145745 1

Demo 6 - https://hackerone.com/reports/430854


SOURCE: Unknown

Report content on this page

Report Page

Please submit your DMCA takedown request to dmca@telegram.org