Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Web Application Penetration Testing: Learning from a Tester's Prespective
First Section
Introduction (2:28)
Gathering Information
Nmap Introduction (8:23)
Different Types of Nmap Scans (Theory) (5:50)
Different Type of Nmap Scan (Demo) (4:38)
Different Type of Nmap Scans 2 (4:44)
Banner Grabbing Using nmap (4:05)
Enumerating Directories using DirBuster (4:26)
Enumerating SubDomain (10:24)
Pentesting Lab Setup
Setting Up the Enviornment (3:29)
Setting Up the Enviornment 2 (4:30)
Configuration And Deployment Management Testing
HTTP Strict Transport Security (2:51)
Enumerating Juicy Endpoints (4:10)
Input Validation Testing
What you will learn in This Section (0:58)
HTML Injection (6:22)
XSS (10:52)
Different Type of XSS (12:40)
HTTP parameter Pollution (6:10)
SQL Injection (5:56)
Local File Inclusion (6:01)
Directory Traversal (7:39)
Command Injection (7:27)
Authentication Testing
Broken Authentication (11:54)
Authentication Issues 1 (8:18)
Authentication Issue 2 (7:46)
Session Management Testing
What You will Learn in This Section (0:30)
Cookie Attributes (8:37)
Testing for Weak Session ID (4:31)
Session Management 1 (9:21)
Session Management 2 (5:25)
File Upload and Redirects
Unrestricted File Uploads (6:51)
Unvalidated Forwards and Redirects (6:02)
Some Other Important issues
CSRF (8:45)
IDOR (7:35)
CORS (8:30)
Teach online with
Enumerating Juicy Endpoints
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock