- Introduction (3 lectures)
  - Course Introduction (Lecture 1.1, 03 min)
  - Introduction to Bug Hunting (Lecture 1.2)
  - What is a Website? (Lecture 1.3, 05 min)
- Information Disclosure Vulnerabilities (8 lectures)
  - Introduction to Information Disclosure Vulnerabilities (Lecture 2.1)
  - Discovering Database Login Credentials (Lecture 2.2, 09 min)
  - Discovering Endpoints & Sensitive Data (Lecture 2.3, 08 min)
  - Introduction to HTTP Status Codes (Lecture 2.4, 08 min)
  - Employing the Hacker / Bug Hunter Mentality to Discover Admin Login Information (Lecture 2.5, 08 min)
  - Manipulating Application Behaviour Through the HTTP GET Method (Lecture 2.6, 06 min)
  - Manipulating Application Behaviour Through the HTTP POST Method (Lecture 2.7, 07 min)
  - Intercepting Requests With Burp Proxy (Lecture 2.8, 10 min)
- Broken Access Control Vulnerabilities (6 lectures)
  - Introduction to Broken Access Control Vulnerabilities (Lecture 3.1)
  - Cookie Manipulation (Lecture 3.2)
  - Accessing Private User Data (Lecture 3.3, 07 min)
  - Discovering IDOR Vulnerabilities (Insecure Direct Object Reference) (Lecture 3.4, 09 min)
  - Privilege Escalation with Burp Repeater (Lecture 3.5, 10 min)
  - Debugging Flows with HTTP TRACE & Gaining Admin Access! (Lecture 3.6, 08 min)
- Path / Directory Traversal (7 lectures)
  - Introduction to Path Traversal Vulnerabilities & Basic Discovery (Lecture 4.1, 09 min)
  - Bypassing Absolute Path Restriction (Lecture 4.2, 05 min)
  - Bypassing Hard-coded Extensions (Lecture 4.3, 04 min)
  - Bypassing Filtering (Lecture 4.4, 04 min)
  - Bypassing Hard-coded Paths (Lecture 4.5, 04 min)
  - Bypassing Advanced Filtering (Lecture 4.6, 06 min)
  - Bypassing Extreme Filtering (Lecture 4.7, 09 min)
- CSRF - Cross-Site Request Forgery (1 lecture)
  - Discovering & Exploiting CSRF Vulnerabilities (Lecture 5.1, 09 min)
- OAUTH 2.0 Vulnerabilities (4 lectures)
  - Introduction to OAUTH 2.0 (Lecture 6.1)
  - OAUTH 2.0 Basic Exploitation (Lecture 6.2, 10 min)
  - Exploiting a Linking OAUTH 2.0 Flow Through CSRF (Lecture 6.3, 12 min)
  - Exploiting a Login OAUTH 2.0 Flow Through CSRF (Lecture 6.4, 13 min)
- Injection Vulnerabilities (1 lecture)
  - Introduction to Injection Vulnerabilities (Lecture 7.1)
- OS Command Injection (4 lectures)
  - Discovering a Basic Command Injection Vulnerability (Lecture 8.1, 08 min)
  - Discovering Blind Command Injection Vulnerabilities (Lecture 8.2, 09 min)
  - Discovering Asynchronous Blind Command Injection Vulnerabilities (Lecture 8.3, 08 min)
  - Using Burp Collaborator to Exploit Asynchronous Blind Command Injection (Lecture 8.4, 05 min)
- XSS - Cross Site Scripting (3 lectures)
  - Introduction to XSS Vulnerabilities & Its Types (Lecture 9.1, 04 min)
  - Discovering a HTML Injection Vulnerability (Lecture 9.2, 05 min)
  - Discovering Reflected & Stored XSS Vulnerabilities (Lecture 9.3, 05 min)
- DOM XSS Vulnerabilities (6 lectures)
  - Introduction to DOM XSS Vulnerabilities (Lecture 10.1, 05 min)
  - Discovering a Reflected DOM XSS in a Link (Lecture 10.2, 06 min)
  - Discovering a Reflected XSS in an Image Tag! (Lecture 10.3, 06 min)
  - Injecting Javascript Directly in a Page Script (Lecture 10.4, 06 min)
  - Discovering XSS in a Drop-down Menu (Lecture 10.5, 04 min)
  - Discovering XSS in AngularJS Application (Lecture 10.6, 04 min)
- XSS - Bypassing Security (5 lectures)
  - Bypassing Basic Filtering (Lecture 11.1, 06 min)
  - Bypassing Single-Quotes Filtering (Lecture 11.2)
  - Bypassing Advanced Filtering (Lecture 11.3, 10 min)
  - Bypassing Server-Side Filtering (Lecture 11.4, 07 min)
  - Bypassing Extreme Filtering with Burp Intruder (Lecture 11.5, 09 min)
- Bypassing Content Security Policy (CSP) (2 lectures)
  - Analysing the Target Application (Lecture 12.1, 06 min)
  - Discovering an XSS in a CSP Enabled Application (Lecture 12.2, 08 min)
- SQL Injection Vulnerabilities (5 lectures)
  - Introduction to SQL Injection Vulnerabilities (Lecture 13.1, 07 min)
  - Discovering SQL Injections (Lecture 13.2, 07 min)
  - Bypassing Admin Login Using Logical Operators (Lecture 13.3, 05 min)
  - Selecting Data From the Database (Lecture 13.4, 08 min)
  - Accessing The Database Admin Records (Lecture 13.5, 07 min)
- Blind SQL Injections (4 lectures)
  - Discovering Blind SQL Injections (Lecture 14.1, 06 min)
  - Enumerating Table & Column Names (Lecture 14.2, 10 min)
  - Recovering Administrator Password With Burp Intruder (Lecture 14.3, 08 min)
  - Using the Cluster-Bomb Attack to Recover Passwords (Lecture 14.4, 08 min)
- Time-Based Blind SQL Injection (3 lectures)
  - Discovering Time-Based Blind SQLi (Lecture 15.1, 08 min)
  - Extracting Data From the Database Using a Time-Based Blind SQLi (Lecture 15.2, 11 min)
  - Getting The Admin Password Using a Time-Based Blind SQLi (Lecture 15.3)
- SSRF (Server-Side Request Forgery) (4 lectures)
  - Introduction to SSRF Vulnerabilities (Lecture 16.1)
  - Theory Behind SSRF Vulnerabilities & Their Impact (Lecture 16.2, 07 min)
  - Discovering a Basic SSRF Vulnerability (Lecture 16.3, 05 min)
  - Accessing Private (Admin) Resources Using an SSRF Vulnerability (Lecture 16.4, 06 min)
- SSRF - Advanced Exploitation (2 lectures)
  - Advanced SSRF Discovery (Lecture 17.1, 06 min)
  - Scanning & Mapping Internal Network & Services (Lecture 17.2, 08 min)
- SSRF - Bypassing Security (3 lectures)
  - Bypassing Blacklists (Lecture 18.1, 08 min)
  - Bypassing Whitelists (Lecture 18.2, 10 min)
  - Chaining Open Redirection with SSRF to Bypass Restrictive Filters (Lecture 18.3, 07 min)
- Blind SSRF Vulnerabilities (4 lectures)
  - Introduction to Blind SSRF Vulnerabilities (Lecture 19.1)
  - Discovering Blind SSRF Vulnerabilities (Lecture 19.2, 06 min)
  - Exploiting Blind SSRF Vulnerabilities (Lecture 19.3, 08 min)
  - Escalating Blind SSRF to a Remote Code Execution (RCE) (Lecture 19.4, 08 min)
- XXE (XML External Entity) Injection (4 lectures)
  - Introduction to XXE Injection Vulnerabilities (Lecture 20.1)
  - What is XML? (Lecture 20.2, 03 min)
  - Exploiting a Basic XXE Injection (Lecture 20.3, 09 min)
  - Discovering an SSRF Through a Blind XXE (Lecture 20.4, 07 min)
- 2 Hour Live Bug Hunting! (14 lectures)
  - 2 Hour Live Bug Hunt Introduction (Lecture 21.1)
  - Overview of the Target (Lecture 21.2, 09 min)
  - Discovering an Open Redirect Vulnerability (Lecture 21.3, 07 min)
  - Discovering an XSS in the Response (Lecture 21.4, 09 min)
  - Discovering an XSS in a HTML Comment (Lecture 21.5, 09 min)
  - Discovering an XSS in a Date Picker (Lecture 21.6, 06 min)
  - Broken Access Control in Booking Page (Lecture 21.7, 06 min)
  - Analysing Application Files & Finding Sensitive Data (Lecture 21.8, 12 min)
  - Discovering Endpoints Hidden In Code (Lecture 21.9, 04 min)
  - Discovering an IDOR – Insecure Direct Object Reference (Lecture 21.10, 04 min)
  - Discovering Hidden Endpoints Using Regex (Lecture 21.11, 09 min)
  - Discovering a Complex Stored XSS (Lecture 21.12, 11 min)
  - Discovering Bugs in Hidden Elements (Lecture 21.13, 08 min)
  - Discovering Bugs in Hidden Parameters (Lecture 21.14, 07 min)
- Participating in Bug Bounty Programs (3 lectures)
  - Hacker1 Overview (Lecture 22.1, 10 min)
  - Bug-Bounty Overview (Lecture 22.2, 06 min)
  - Submitting a Bug Report (Lecture 22.3, 08 min)
- Bonus Section (1 lecture)
  - Bonus Lecture – Want to learn more? (Lecture 23.1, 03 min)
