Autoplay
Autocomplete
Dark Mode
Speed
Previous Lesson
Complete and Continue
Advanced Web Hacking
Welcome to the Course
Welcome to the Course (1:31)
How to get Support (1:32)
Prototype Pollution
Introduction (4:31)
Prerequisite Knowledge - Part 1 - Object Structures and Prototypes (26:44)
Prerequisite Knowledge - Part 2 - Deep and Shallow Copy (8:29)
Prerequisite Knowledge - Part 3 - Prototype Pollution and "__proto__" (14:22)
Prerequisite Knowledge - Part 4 - Methodology (5:49)
Lab Setup (13:26)
Client-Side Prototype Pollution (28:22)
Client-Side Prototype Pollution with DOM Invader (5:44)
Client-Side Prototype Pollution Challenge Introduction (1:23)
Client-Side Prototype Pollution Challenge Walkthrough (8:25)
Server-Side Prototype Pollution (28:56)
Server-Side Prototype Pollution with Scanners (8:02)
Prototype Pollution Reports (6:27)
Checking NPM Libraries for Known Prototype Pollution Vulnerabilities (4:58)
Finding Undiscovered Prototype Pollution in NPM Libraries (13:35)
Capstone Challenge Introduction (1:51)
Capstone Challenge Walkthrough (16:59)
Attacking GraphQL
Welcome to the Module (0:37)
What is GraphQL? (7:12)
Building a Simple GraphQL Application (19:48)
Recon: Finding GraphQL Endpoints (16:17)
Introspection (21:28)
Information Disclosure (14:31)
Information Disclosure Challenge Walkthrough (6:33)
Authentication and Access Control (18:13)
Authentication and Access Control Challenge Walkthrough (5:25)
Denial of Service (14:37)
Injection, CSRF, and Other Web Attacks (15:38)
Capstone Challenge (3:33)
Capstone Walkthrough (8:45)
Finding Undiscovered Prototype Pollution in NPM Libraries
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock