Autoplay
Autocomplete
Dark Mode
Speed
Previous Lesson
Complete and Continue
Practical Web Hacking
Introduction
Welcome To The Course (4:08)
Lab Setup (8:57)
Course Support (1:20)
Web Application Components (11:12)
HTTP (14:23)
Authentication
Introduction to Authentication (17:24)
Brute-Force Attacks (17:32)
Challenge Walkthrough (6:35)
Response Timings (6:14)
Challenge Walkthrough (9:03)
Session Tokens and Sequencer (13:40)
Multi-Factor Authentication (5:01)
Challenge Walkthrough (6:02)
Access Control
Introduction to Access Control (7:40)
IDOR (Insecure Direct Object Reference) (9:29)
Challenge Walkthrough (5:33)
Attacking Weak Access Controls (7:51)
Challenge Walkthrough (7:06)
SSRF (Server-Side Request Forgery)
Introduction to SSRF (9:54)
Challenge Walkthrough (feat. Turbo Intruder) (6:44)
Blind SSRF (7:10)
Challenge Walkthrough (9:47)
SQL Injection
Introduction to SQL Injection (19:00)
Blind SQL Injection (56:16)
Challenge Waklthrough (7:29)
NoSQL Injection (15:12)
File Inclusion
Introduction to File Inclusion (17:16)
File Inclusion Payloads (3:17)
Challenge Walkthrough (2:53)
Bypassing Filters (3:59)
File Inclusion to RCE (2:33)
Challenge Walkthrough (2:30)
File Inclusion Prevention (1:22)
XXE (XML External Entity Injection)
Introduction to XXE (10:27)
Common XXE Attacks (2:07)
Challenge Walkthrough (4:50)
XXE via XInclude (4:02)
Challenge Walkthrough (2:54)
XSS / JavaScript Injection
Introduction to XSS (25:26)
DOM Invader (10:30)
Challenge Walkthrough (3:34)
Going Beyond alert(1) (9:51)
Filter and WAF Evasion Techniques (10:37)
JWTs (JSON Web Tokens)
Introduction to JWTs (5:50)
JWT Signature Attacks (6:44)
Challenge Walkthrough (4:04)
JWT_Tool (6:00)
Header Injection (7:05)
Mass Assignment
Mass Assignment (8:51)
WebSockets
Introduction to WebSockets (8:21)
WebSocket Hijacking (8:52)
Open Redirects
Open Redirects (7:05)
Race Conditions
Introduction to Race Conditions (6:47)
Single Endpoint Race Conditions (8:39)
Multi-Endpoint Race Conditions (1:53)
Challenge Walkthrough (4:19)
Capstone Challenge
Launching the Capstone (5:22)
Capstone Walkthrough (41:48)
Thank you & see you next time! (0:46)
Session Tokens and Sequencer
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock