penetration testing

Web application penetration testing roadmap

penetration testing

Introduction

Today, I am going to share resources to get a kickstart in bug bounty or web  application penetration testing, followed by the history of internet, Web and Server Technology, Setting up the lab with BurpSuite and bWAPP, Mapping the application and attack surface, Understanding and exploiting OWASP top 10 vulnerabilities, Session management testing, Bypassing client-side controls, Attacking authentication/login, Attacking access controls (IDOR, Priv esc, hidden files and directories), Attacking Input validations (All injections, XSS and mics), Generating and testing error codes and many more...... 

Phase 1 : History


1. History of Internet
https://www.youtube.com/watch?v=9hIQjrMHTv4


Phase 2 : Web and Server Technology


2. Basic concepts of web applications, how they work and the HTTP protocol
https://www.youtube.com/watch?v=RsQ1tFLwldY&t=7s
3. HTML basics part 1
https://www.youtube.com/watch?v=p6fRBGI_BY0
4. HTML basics part 2
https://www.youtube.com/watch?v=Zs6lzuBVK2w
5. Difference between static and dynamic website
https://www.youtube.com/watch?v=hlg6q6OFoxQ
6. HTTP protocol Understanding
https://www.youtube.com/watch?v=JFZMyhRTVt0
7. Parts of HTTP Request
https://www.youtube.com/watch?v=pHFWGNupGM
8. Parts of HTTP Response
https://www.youtube.com/watch?v=c9sMNc2PrMU
9. Various HTTP Methods
https://www.youtube.com/watch?v=PO7D20HsFsY
10. Understanding URLS
https://www.youtube.com/watch?v=5Jr_Za5yQM
11. Intro to REST
https://www.youtube.com/watch?v=YCcAE2SCQ6k
12. HTTP Request & Response Headers
https://www.youtube.com/watch?v=vAuZwirKjWs
13. What is a cookie
https://www.youtube.com/watch?v=I01XMRo2ESg
14. HTTP Status codes
https://www.youtube.com/watch?v=VLH3FMQ5BIQ
15. HTTP Proxy
https://www.youtube.com/watch?v=qU0PVSJCKcs
16. Authentication with HTTP
https://www.youtube.com/watch?v=GxiFXUFKo1M
17. HTTP basic and digest authentication
https://www.youtube.com/watch?v=GOnhCbDhMzk
18. What is “ServerSide”
https://www.youtube.com/watch?v=JnCLmLO9LhA
19. Server and client side with example
https://www.youtube.com/watch?v=DcBB2Fp8WNI
20. What is a session
https://www.youtube.com/watch?v=WV4DJ6b0jhg&t=202s
21. Introduction to UTF8 and Unicode
https://www.youtube.com/watch?v=sqPTR_v4qFA
22. URL encoding
https://www.youtube.com/watch?v=Z3udiqgW1VA
23. HTML encoding
https://www.youtube.com/watch?v=IiAfCLWpgII&t=109s
24. Base64 encoding
https://www.youtube.com/watch?v=8qkxeZmKmOY
25. Hex encoding & ASCII
https://www.youtube.com/watch?v=WW2SaCMnHdU

Phase 3 : Setting up the lab with BurpSuite and bWAPP


26. Setup lab with bWAPP https://www.youtube.com/watch?v=dwtUn3giwTk&index=1&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV

27. Set up Burp Suite
https://www.youtube.com/watch?v=hQsT4rSa_v0&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=2
28. Configure Firefox and add certificate
https://www.youtube.com/watch?v=hfsdJ69GSV4&index=3&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV
29. Mapping and scoping website
https://www.youtube.com/watch?v=H_iVteMDRo&index=4&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV
30. Spidering
https://www.youtube.com/watch?v=97uMUQGIe14&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=5
31. Active and passive scanning
https://www.youtube.com/watch?v=1Mjom6AcFyU&index=6&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV
32. Scanner options and demo
https://www.youtube.com/watch?v=gANi4Kt7ek&index=7&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV
33. Introduction to password security
https://www.youtube.com/watch?v=FwcUhcLO9iM&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=8
34. Intruder
https://www.youtube.com/watch?v=wtMg9oEMTa8&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=9
35. Intruder attack types
https://www.youtube.com/watch?v=N5ndYPwddkQ&index=10&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV
36. Payload settings
https://www.youtube.com/watch?v=5GpdlbtL1Q&index=11&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV
37. Intruder settings
https://www.youtube.com/watch?v=B_Mu7jmOYnU&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=12
38. No.1 Penetration testing tool
https://www.youtube.com/watch?v=AVzC7ETqpDo&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=1
39. Environment Setup
https://www.youtube.com/watch?v=yqnUOdr0eVk&index=2&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA
40. General concept
https://www.youtube.com/watch?v=udl4oqr_ylM&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=3
41. Proxy module
https://www.youtube.com/watch?v=PDTwYFkjQBE&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=4
42. Repeater module
https://www.youtube.com/watch?v=9Zh_7s5csCc&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=5
43. Target and spider module
https://www.youtube.com/watch?v=dCKPZUSOlr8&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=6
44. Sequencer and scanner module
https://www.youtube.com/watch?v=Gv581pXerE&list=PLq9n8iqQJFDrwFe9AEDBlR1uSHEN7egQA&index=7


Phase 4: Mapping the application and attack surface


45. Spidering
https://www.youtube.com/watch?v=97uMUQGIe14&list=PLv95pq8fEyuivHeZB2jeC435tU3_1YGzV&index=5
46. Mapping application using robots.txt
https://www.youtube.com/watch?v=akuzgZ75zrk
47. Discover hidden contents using dirbuster
https://www.youtube.com/watch?v=nu9Jq07gA
48. Dirbuster in detail
https://www.youtube.com/watch?v=2tOQC68hAcQ
49. Discover hidden directories and files with intruder
https://www.youtube.com/watch?v=4Fz9mJeMNkI
50. Directory bruteforcing 1
https://www.youtube.com/watch?v=ch2onB_LFoI
51. Directory bruteforcing 2
https://www.youtube.com/watch?v=ASMW_oLbyIg
52. Identify application entry points
https://www.youtube.com/watch?v=IgJWPZ2OKO8&t=34s
53. Identify application entry points
https://www.owasp.org/index.php/Identify_application_entry_points_(OTGINFO006)
54. Identify client and server technology
https://www.youtube.com/watch?v=B8jN_iWjtyM
55. Identify server technology using banner grabbing (telnet)
https://www.youtube.com/watch?v=O67MU2UOAg

56. Identify server technology using httprecon https://www.youtube.com/watch?v=xBBHtSdwsM

57. Pentesting with Google dorks Introduction https://www.youtube.com/watch?v=NmdrKFwAw9U
58. Fingerprinting web server https://www.youtube.com/watch?v=tw2VdG0t5kc&list=PLxLRoXCDIalcRS5Nb1I_HM_OzS10E6lqp&index=10
59. Use Nmap for fingerprinting web server https://www.youtube.com/watch?v=VQVy_AN80
60. Review webs servers metafiles for information leakage https://www.youtube.com/watch?v=sds3Zotf_ZY
61. Enumerate applications on web server https://www.youtube.com/watch?v=lfhvvTLN60E
62. Identify application entry points https://www.youtube.com/watch?v=97uMUQGIe14&list=PLDeogY2QrtGR2NL2X1AR5Zz9t1iaWwlM
63. Map execution path through application https://www.youtube.com/watch?v=0I0NPiyo9UI
64. Fingerprint web application frameworks https://www.youtube.com/watch?v=ASzG0kBoE4c
 

Phase 5: Understanding and exploiting OWASP top 10 vulnerabilities


65. A closer look at all owasp top 10 vulnerabilities
https://www.youtube.com/watch?v=avFR_Af0KGk
66. Injection https://www.youtube.com/watch?v=02mLrFVzIYU&index=1&list=PLoyY7ZjHtUUVLs2fyctzZDSPpawuQ28d
67. Broken authentication and session management
https://www.youtube.com/watch?v=iX49fqZ8HGA&index=2&list=PLoyY7ZjHtUUVLs2fy
ctzZDSPpawuQ28d

68. Crosssite scripting
https://www.youtube.com/watch?v=x6I5fCupLLU&index=3&list=PLoyY7ZjHtUUVLs2fyctzZDSPpawuQ28d
69. Insecure direct object reference
https://www.youtube.com/watch?v=iCyp9Qz3CI&list=PLoyY7ZjHtUUVLs2fyctzZDSPpawuQ28d&index=4
70. Security misconfiguration
https://www.youtube.com/watch?v=cIplXL8idyo&list=PLoyY7ZjHtUUVLs2fyctzZDSPpawuQ28d&index=5
71. Sensitive data exposure
https://www.youtube.com/watch?v=rYlzTQlF8Ws&index=6&list=PLoyY7ZjHtUUVLs2fyctzZDSPpawuQ28d
72. Missing functional level access controls
https://www.youtube.com/watch?v=VMv_gyCNGpk&list=PLoyY7ZjHtUUVLs2fyctzZDSPpawuQ28d&index=7
73. Crosssite request forgery
https://www.youtube.com/watch?v=_xSFm3KGxh0&list=PLoyY7ZjHtUUVLs2fyctzZDSPpawuQ28d&index=8
74. Using components with known vulnerabilities
https://www.youtube.com/watch?v=bhJmVBJF4&index=9&list=PLoyY7ZjHtUUVLs2fy
ctzZDSPpawuQ28d

75. Unvalidated redirects and forwards
https://www.youtube.com/watch?v=L6bYKiLtSL8&index=10&list=PLoyY7ZjHtUUVLs2fyctzZDSPpawuQ28d
76. Injection
https://www.youtube.com/watch?v=rWHvp7rUka8&index=1&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD
77. Broken authentication and session management

https://www.youtube.com/watch?v=mruO75ONWy8&index=2&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD

78. Insecure deserialisation
https://www.youtube.com/watch?v=nkTBwbnfesQ&index=8&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD
79. Sensitive data exposure
https://www.youtube.com/watch?v=2RKbacrkUBU&index=3&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD
80. Broken access control
https://www.youtube.com/watch?v=P38at6Tp8Ms&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD&index=5
81. Insufficient logging and monitoring
https://www.youtube.com/watch?v=IFF3tkUOF5E&index=10&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD
82. XML external entities
https://www.youtube.com/watch?v=g2ey7ry8_CQ&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD&index=4

83. Using components with known vulnerabilities https://www.youtube.com/watch?v=IGsNYVDKRV0&index=9&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD

84. Crosssite scripting https://www.youtube.com/watch?v=IuzU4yUjLw&index=7&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD
85. Security misconfiguration
https://www.youtube.com/watch?v=JuGSUMtKTPU&index=6&list=PLyqga7AXMtPPuibxp1N0TdyDrKwP9H_jD
86. Injection explained
https://www.youtube.com/watch?v=1qMggPJpRXM&index=1&list=PLpNYlUeSK_rkrrBoxxvSkm5lgaDqKa0X
87. Broken authentication and session management
https://www.youtube.com/watch?v=fKnG15BL4AY&list=PLpNYlUeSK_rkrrBox
xvSkm5lgaDqKa0X&index=2

88. Crosssite scripting
https://www.youtube.com/watch?v=ksMxXeDUNs&index=3&list=PLpNYlUeSK_rkrrBoxxvSkm5lgaDqKa0X
89. Insecure direct object reference
https://www.youtube.com/watch?v=ZodA76CB10&list=PLpNYlUeSK_rkrrBoxxvSkm5lgaDqKa0X&index=4
90. Security misconfiguration
https://www.youtube.com/watch?v=DfFPHKPCofY&index=5&list=PLpNYlUeSK_rkrrBoxxvSkm5lgaDqKa0X
91. Sensitive data exposure
https://www.youtube.com/watch?v=Z7hafbGDVEE&list=PLpNYlUeSK_rkrrBoxxvSkm5lgaDqKa0X&index=6
92. Missing functional level access control
https://www.youtube.com/watch?v=RGN3w831Elo&list=PLpNYlUeSK_rkrrBoxxvSkm5lgaDqKa0X&index=7
93. Crosssite request forgery
https://www.youtube.com/watch?v=XRW_US5BCxk&list=PLpNYlUeSK_rkrrBoxxvSkm5lgaDqKa0X&index=8
94. Components with known vulnerabilities
https://www.youtube.com/watch?v=pbvDW9pJdng&list=PLpNYlUeSK_rkrrBoxxvSkm5lgaDqKa0X&index=9
95. Unvalidated redirects and forwards
https://www.youtube.com/watch?v=bHTglpgC5Qg&list=PLpNYlUeSK_rkrrBoxxvSkm5lgaDqKa0X&index=10


Phase 6 : Session management testing


96. Bypass authentication using cookie manipulation
https://www.youtube.com/watch?v=mEbmturLljU
97. Cookie Security Via httponly and secure Flag OWASP
https://www.youtube.com/watch?v=3aKA4RkAg78
98. Penetration testing Cookies basic
https://www.youtube.com/watch?v=_P7KN8T1boc
99. Session fixation 1
https://www.youtube.com/watch?v=ucmgeHKtxaI
100. Session fixation 2
https://www.youtube.com/watch?v=0Tu1qxysWOk
101. Session fixation 3
https://www.youtube.com/watch?v=jxwgpWvRUSo
102. Session fixation 4
https://www.youtube.com/watch?v=eUbtW0Z0W1g
103. CSRF Cross site request forgery 1
https://www.youtube.com/watch?v=m0EHlfTgGUU
104. CSRF Cross site request forgery 2
https://www.youtube.com/watch?v=H3iu0_ltcv4
105. CSRF Cross site request forgery 3
https://www.youtube.com/watch?v=1NO4I28J0s
106. CSRF Cross site request forgery 4
https://www.youtube.com/watch?v=XdEJEUJ0Fr8
107. CSRF Cross site request forgery 5
https://www.youtube.com/watch?v=TwG0Rd0hr18
108. Session puzzling 1
https://www.youtube.com/watch?v=YEOvmhTb8xA
109. Admin bypass using session hijacking
https://www.youtube.com/watch?v=1wp1o1TfAc

Phase 7 : Bypassing clientside controls

110. What is hidden forms in HTML https://www.youtube.com/watch?v=orUoGsgaYAE

111. Bypassing hidden form fields using tamper data https://www.youtube.com/watch?v=NXkGX2sPw7

112. Bypassing hidden form fields using Burp Suite (Purchase application) https://www.youtube.com/watch?v=xahvJyUFTfM
113. Changing price on eCommerce website using parameter tampering
https://www.youtube.com/watch?v=AccNpP06Zg
114. Understanding cookie in detail
https://www.youtube.com/watch?v=_P7KN8T1boc&list=PLWPirh4EWFpESKWJmrgQwmsnTrL_K93Wi&index=18
115. Cookie tampering with tamper data
https://www.youtube.com/watch?v=NgKXm0lBecc
116. Cookie tamper part 2
https://www.youtube.com/watch?v=dTCt_I2DWgo
117. Understanding referer header in depth using Cisco product
https://www.youtube.com/watch?v=GkQnBa3C7WI&t=35s
118. Introduction to ASP.NET viewstate
https://www.youtube.com/watch?v=L3p6Uw6SSXs
119. ASP.NET viewstate in depth
https://www.youtube.com/watch?v=Fn_08JLsrmY
120. Analyse sensitive data in ASP.NET viewstate
https://msdn.microsoft.com/enus/library/ms972427.aspx?f=255&MSPPError=2147217396
121. Crossoriginresourcesharing explanation with example
https://www.youtube.com/watch?v=Ka8vG5miErk
122. CORS demo 1
https://www.youtube.com/watch?v=wR8pjTWaEbs
123. CORS demo 2
https://www.youtube.com/watch?v=lg31RYYGT4
124. Security headers
https://www.youtube.com/watch?v=TNlcoYLIGFk
125. Security headers 2
https://www.youtube.com/watch?v=ZZUvmVkkKu4


Phase 8 : Attacking authentication/login


126. Attacking login panel with bad password Guess username password for the website and try different combinations

127. Bruteforce login panel
https://www.youtube.com/watch?v=25cazx5D_vw
128. Username enumeration
https://www.youtube.com/watch?v=WCO7LnSlskE
129. Username enumeration with bruteforce password attack
https://www.youtube.com/watch?v=zf3pYJU1c4
130. Authentication over insecure HTTP protocol
https://www.youtube.com/watch?v=ueSG7TUqoxk
131. Authentication over insecure HTTP protocol
https://www.youtube.com/watch?v=_WQe36pZ3mA
132. Forgot password vulnerability case 1
https://www.youtube.com/watch?v=FEUidWWnZwU
133. Forgot password vulnerability case 2
https://www.youtube.com/watch?v=j78YyYdWL4
134. Login page autocomplete feature enabled
https://www.youtube.com/watch?v=XNjUfwDmHGc&t=33s
135. Testing for weak password policy
https://www.owasp.org/index.php/Testing_for_Weak_password_policy_(OTGAUTHN007)
136. Insecure distribution of credentials When you register in any website or you request for a password reset using forgot password feature, if the
website sends your username and password over the email in cleartext without sending the password reset link, then it is a vulnerability.

137. Test for credentials transportation using SSL/TLS certificate
https://www.youtube.com/watch?v=21_IYz4npRs
138. Basics of MySQL
https://www.youtube.com/watch?v=yPu6qV5byu4
139. Testing browser cache
https://www.youtube.com/watch?v=2T_Xz3Humdc
140. Bypassing login panel case 1
https://www.youtube.com/watch?v=TSqXkkOt6oM
141. Bypass login panel case 2
https://www.youtube.com/watch?v=J6v_WLFK1c

Phase 9 : Attacking access controls (IDOR, Priv esc, hidden files and directories)


Completely unprotected functionalities


142. Finding admin panel
https://www.youtube.com/watch?v=r1k2lgvK3s0
143. Finding admin panel and hidden files and directories
https://www.youtube.com/watch?v=Z0VAPbATy1A
144. Finding hidden webpages with dirbusater
https://www.youtube.com/watch?v=nu9Jq07gA&t=5s


Insecure direct object reference


145. IDOR case 1
https://www.youtube.com/watch?v=gci4R9Vkulc
146. IDOR case 2
https://www.youtube.com/watch?v=4DTULwuLFS0
147. IDOR case 3 (zomato)
https://www.youtube.com/watch?v=tCJBLG5Mayo


Privilege escalation


148. What is privilege escalation
https://www.youtube.com/watch?v=80RzLSrczmc
149. Privilege escalation Hackme bank case 1
https://www.youtube.com/watch?v=g3lv__87cWM
150. Privilege escalation case 2
https://www.youtube.com/watch?v=i4O_hjc87Y


Phase 10 : Attacking Input validations (All injections, XSS and mics)


HTTP verb tampering


151. Introduction HTTP verb tampering
https://www.youtube.com/watch?v=Wl0PrIeAnhs
152. HTTP verb tampering demo
https://www.youtube.com/watch?v=bZlkuiUkQzE


HTTP parameter pollution


153. Introduction HTTP parameter pollution
https://www.youtube.com/watch?v=TospJyWVS4
154. HTTP parameter pollution demo 1
https://www.youtube.com/watch?v=QVZBl8yxVX0&t=11s
155. HTTP parameter pollution demo 2
https://www.youtube.com/watch?v=YRjxdw5BAM0
156. HTTP parameter pollution demo 3
https://www.youtube.com/watch?v=kIVefiDrWUw


XSS Cross site scripting


157. Introduction to XSS
https://www.youtube.com/watch?v=gkMl1suyj3M

158. What is XSS https://www.youtube.com/watch?v=cbmBDiR6WaY

159. Reflected XSS demo https://www.youtube.com/watch?v=r79ozjCL7DA
160. XSS attack method using burpsuite
https://www.youtube.com/watch?v=OLKBZNw3OjQ
161. XSS filter bypass with Xenotix
https://www.youtube.com/watch?v=loZSdedJnqc
162. Reflected XSS filter bypass 1
https://www.youtube.com/watch?v=m5rlLgGrOVA
163. Reflected XSS filter bypass 2
https://www.youtube.com/watch?v=LDiXveqQ0gg
164. Reflected XSS filter bypass 3
https://www.youtube.com/watch?v=hb_qENFUdOk
165. Reflected XSS filter bypass 4
https://www.youtube.com/watch?v=Fg1qqkedGUk
166. Reflected XSS filter bypass 5
https://www.youtube.com/watch?v=NImym71f3Bc
167. Reflected XSS filter bypass 6
https://www.youtube.com/watch?v=9eGzAym2a5Q
168. Reflected XSS filter bypass 7
https://www.youtube.com/watch?v=ObfEI84_MtM
169. Reflected XSS filter bypass 8
https://www.youtube.com/watch?v=2c9xMe3VZ9Q
170. Reflected XSS filter bypass 9
https://www.youtube.com/watch?v=48zknvo7LM
171. Introduction to Stored XSS
https://www.youtube.com/watch?v=SHmQ3sQFeLE
172. Stored XSS 1
https://www.youtube.com/watch?v=oHIl_pCahsQ
173. Stored XSS 2
https://www.youtube.com/watch?v=dBTuWzX8hd0
174. Stored XSS 3
https://www.youtube.com/watch?v=PFG0lkMeYDc
175. Stored XSS 4
https://www.youtube.com/watch?v=YPUBFklUWLc
176. Stored XSS 5
https://www.youtube.com/watch?v=x9Zx44EVOg


SQL injection


177. Part 1 Install SQLi lab
https://www.youtube.com/watch?v=NJ9AA1_t1Ic&index=23&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro
178. Part 2 SQL lab series
https://www.youtube.com/watch?v=TA2h_kUqfhU&index=22&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro
179. Part 3 SQL lab series
https://www.youtube.com/watch?v=N0zAChmZIZU&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=21
180. Part 4 SQL lab series
https://www.youtube.com/watch?v=6pVxm5mWBVU&index=20&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro
181. Part 5 SQL lab series
https://www.youtube.com/watch?v=0tyerVP9R98&index=19&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro
182. Part 6 Double query injection
https://www.youtube.com/watch?v=zaRlcPbfX4M&index=18&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro
183. Part 7 Double query injection cont..

https://www.youtube.com/watch?v=9utdAPxmvaI&index=17&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

184. Part 8 Blind injection boolean based

https://www.youtube.com/watch?v=u7Z7AIR6cMI&index=16&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

185. Part 9 Blind injection time based

https://www.youtube.com/watch?v=gzU1YBu_838&index=15&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

186. Part 10 Dumping DB using outfile

https://www.youtube.com/watch?v=ADW844OA6io&index=14&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro

187. Part 11 Post parameter injection error based

https://www.youtube.com/watch?v=6sQ23tqiTXY&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=13

188. Part 12 POST parameter injection double query based
https://www.youtube.com/watch?v=tjFXWQY4LuA&index=12&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro189. Part 13 POST parameter injection blind boolean and time based https://www.youtube.com/watch?v=411G4nH5jE&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=10190. Part 14 Post parameter injection in UPDATE query https://www.youtube.com/watch?v=2FgLcPuU7Vw&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=11

191. Part 15 Injection in insert query https://www.youtube.com/watch?v=ZJiPsWxXYZs&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=9
192. Part 16 Cookie based injection
https://www.youtube.com/watch?v=A3vVqfP8pA&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=8
193. Part 17 Second order injection
https://www.youtube.com/watch?v=e9pbC5BxiAE&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=7
194. Part 18 Bypassing blacklist filters 1
https://www.youtube.com/watch?v=5PknuYoDdw&index=6&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro
195. Part 19 Bypassing blacklist filters 2
https://www.youtube.com/watch?v=45BjuQFt55Y&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=5
196. Part 20 Bypassing blacklist filters 3
https://www.youtube.com/watch?v=cPjb_zLpH0&index=4&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro
197. Part 21 Bypassing WAF
https://www.youtube.com/watch?v=uRDuCXFpHXc&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=2
198. Part 22 Bypassing WAF Impedance mismatch
https://www.youtube.com/watch?v=ygVUebdv_Ws&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=3
199. Part 23 Bypassing addslashes charset mismatch
https://www.youtube.com/watch?v=dujkS6sbo&list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro&index=1


NoSQL injection


200. Introduction to NoSQL injection
https://www.youtube.com/watch?v=h0h37Dwd_A
201. Introduction to SQL vs NoSQL Difference between MySQL and MongoDB with tutorial
https://www.youtube.com/watch?v=QwevGzVu_zk
202. Abusing NoSQL databases
https://www.youtube.com/watch?v=lcO1BTNh8r8
203. Making cry attacking NoSQL for pentesters
https://www.youtube.com/watch?v=NgsesuLpyOg


Xpath and XML injection


204. Introduction to Xpath injection
https://www.youtube.com/watch?v=2_UyM6Ea0Yk&t=3102s
205. Introduction to XML injection
https://www.youtube.com/watch?v=9ZokuRHoeY
206. Practical 1 bWAPP
https://www.youtube.com/watch?v=6tV8EuaHI9M
207. Practical 2 Mutillidae
https://www.youtube.com/watch?v=fV0qsqcScI4
208. Practical 3 webgoat
https://www.youtube.com/watch?v=5ZDSPVp1TpM
209. Hack admin panel using Xpath injection
https://www.youtube.com/watch?v=vvlyYlXuVxI
210. XXE demo
https://www.youtube.com/watch?v=3B8QhyrEXlU
211. XXE demo 2
https://www.youtube.com/watch?v=UQjxvEwyUUw
212. XXE demo 3
https://www.youtube.com/watch?v=JI0daBHq6fA


LDAP injection


213. Introduction and practical 1
https://www.youtube.com/watch?v=TXFlg7S9ks
214. Practical 2
https://www.youtube.com/watch?v=wtahzm_R8e4

OS command injection

215. OS command injection in bWAPP https://www.youtube.com/watch?v=qLIkGJrMY9k
216. bWAAP OS command injection with Commiux (All levels)
https://www.youtube.com/watch?v=51QLbVa8YE


Local file inclusion


217. Detailed introduction
https://www.youtube.com/watch?v=kcojXEwolIs
218. LFI demo 1
https://www.youtube.com/watch?v=54hSHpVoz7A
219. LFI demo 2
https://www.youtube.com/watch?v=qPq9hIVtitI


Remote file inclusion


220. Detailed introduction
https://www.youtube.com/watch?v=MZjORTEwpaw
221. RFI demo 1
https://www.youtube.com/watch?v=gWt9A6eOkq0

222. RFI introduction and demo 2 https://www.youtube.com/watch?v=htTEfokaKsM


HTTP splitting/smuggling


223. Detailed introduction
https://www.youtube.com/watch?v=bVaZWHrfiPw
224. Demo 1
https://www.youtube.com/watch?v=mOf4H1aLiiE


Phase 11 : Generating and testing error codes


225. Generating normal error codes by visiting files that may not exist on the server for example visit chintan.php or chintan.aspx file on any website
and it may redirect you to 404.php or 404.aspx or their customer error page. Check if an error page is generated by default web server or application
framework or a custom page is displayed which does not display any sensitive information.

226. Use BurpSuite fuzzing techniques to generate stack trace error codes
https://www.youtube.com/watch?v=LDF6OkcvBzM


Phase 12 : Weak cryptography testing


227. SSL/TLS weak configuration explained
https://www.youtube.com/watch?v=Rp3iZUvXWlM
228. Testing weak SSL/TLS ciphers
https://www.youtube.com/watch?v=slbwCMHqCkc
229. Test SSL/TLS security with Qualys guard
https://www.youtube.com/watch?v=Na8KxqmETnw
230. Sensitive information sent via unencrypted channels
https://www.youtube.com/watch?v=21_IYz4npRs


Phase 13 : Business logic vulnerability


231. What is a business logic flaw
https://www.youtube.com/watch?v=ICbvQzva6lE&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI

232. The Difficulties Finding Business Logic Vulnerabilities with Traditional Security Tools

https://www.youtube.com/watch?v=JTMg0bhkUbo&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=2
233. How To Identify Business Logic Flaws
https://www.youtube.com/watch?v=FJcgfLM4SAY&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=3
234. Business Logic Flaws: Attacker Mindset

https://www.youtube.com/watch?v=Svxh9KSTL3Y&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=4

235. Business Logic Flaws: Dos Attack On Resource

https://www.youtube.com/watch?v=4S6HWzhmXQk&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=5

236. Business Logic Flaws: Abuse Cases: Information Disclosure

https://www.youtube.com/watch?v=HrHdUEUwMHk&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=6

237. Business Logic Flaws: Abuse Cases: iPod Repairman Dupes Apple

https://www.youtube.com/watch?v=8yB_ApVsdhA&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=7

238. Business Logic Flaws: Abuse Cases: Online Auction

https://www.youtube.com/watch?v=oa_UICCqfbY&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=8

239. Business Logic Flaws: How To Navigate Code Using ShiftLeft Ocular

https://www.youtube.com/watch?v=hz7IZu6H6oE&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=9

240. Business Logic Security Checks: Data Privacy Compliance

https://www.youtube.com/watch?v=qX2fyniKUIQ&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=10

241. Business Logic Security Checks: Encryption Compliance

https://www.youtube.com/watch?v=V8zphJbltDY&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=11

242. Business Logic Security: Enforcement Checks

https://www.youtube.com/watch?v=5e7qgY_L3UQ&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=12

243. Business Logic Exploits: SQL Injection
https://www.youtube.com/watch?v=hcIysfhA9AA&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=13
244. Business Logic Exploits: Security Misconfiguration
https://www.youtube.com/watch?v=ppLBtCQcYRk&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=15

245.Business Logic Exploits: Data Leakage https://www.youtube.com/watch?v=qe0bEvguvbs&list=PLWoDr1kTbIxKZe_JeTDIcD2I7Uy1pLIFI&index=16
246. Demo 1
https://www.youtube.com/watch?v=yV7OQRyOao
247. Demo 2
https://www.youtube.com/watch?v=mzjTG7pKmQI
248. Demo 3
https://www.youtube.com/watch?v=A8V_58QZPMs
249. Demo 4
https://www.youtube.com/watch?v=1pvrEKAFJyk
250. Demo 5
https://hackerone.com/reports/145745
251. Demo 6
https://hackerone.com/reports/430854

Spread the love

Leave a Comment

Your email address will not be published.