Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Web Security & Bug Bounty: Learn Penetration Testing
Introduction To Bug Bounty
Web Security & Bug Bounty (1:42)
Course Outline (6:08)
Exercise: Meet Your Classmates and Instructor
What is Penetration Testing? (5:43)
What is a Bug Bounty? (6:35)
Course Resources + Guide
ZTM Plugin + Understanding Your Video Player
Set Your Learning Streak Goal
Our Virtual Lab Setup
Virtual Box, Kali Linux Download (11:09)
Important- New Kali Linux Categories (1:26)
Kali Linux Installation (12:14)
OWASPBWA Installation (8:35)
Creating TryHackMe Account (2:47)
2 Paths (2:05)
Let's Have Some Fun (+ Free Resources)
Website Enumeration & Information Gathering
Website Enumeration - Theory (4:59)
Google Dorks (11:28)
Ping, Host, Nslookup ... (7:21)
Whatweb (8:52)
Dirb (6:20)
Nmap (11:27)
Nikto (6:32)
Unlimited Updates
Introduction To Burpsuite
Burpsuite Configuration (7:47)
Burpsuite Intercept (7:27)
Burpsuite Repeater (7:48)
Burpsuite Intruder (9:20)
Course Check-In
HTML Injection
HTML Injection - Theory (3:24)
HTML Injection 1 on TryHackMe (9:01)
HTML Injection 2 - Injecting User-Agent Header (3:49)
Injecting Cookie Field and Redirecting The Page (5:23)
Advance Example of HTML Injection (13:18)
Implement a New Life System
Command Injection/Execution
Command Injection Theory (4:14)
Command Injection On TryHackMe and Blind Command Injection (9:55)
Solving Challenges With Command Injection (9:30)
Running PHP Reverse Shell With Command Execution Vulnerability (7:26)
Bypassing Input Filter And Executing Command (7:24)
Broken Authentication
Broken Authentication Theory (4:23)
Broken Authentication On TryHackMe (6:00)
Broken Authentication Via Cookie (4:30)
Basic Authorization in HTTP Request (6:34)
Forgot Password Challenge (8:21)
Session Fixation Challenge (5:09)
Bruteforce Attacks
Cluster Bomb Bruteforce (6:38)
Hydra Bwapp Form Bruteforce (12:20)
Hydra Post Request Form Bruteforce (5:24)
Bonus - Hydra SSH Attack (4:14)
Sensitive Data Exposure
Sensitive Data Exposure Example (10:11)
Broken Access Control
Broken Access Control - Theory (6:27)
Accessing passwd With BAC (4:24)
Ticket Price IDOR (6:33)
Security Misconfiguration
Security Misconfiguration - Default App Credentials (4:41)
Exercise: Imposter Syndrome (2:55)
Cross Site Scripting - XSS
XSS Theory (6:12)
Changing Page Content With XSS (10:53)
Bypassing Simple Filter (3:48)
Downloading a File With XSS Vulnerability (9:05)
DOM XSS Password Generator (5:35)
JSON XSS (8:09)
Old Vulnerable Real Applications (4:11)
SQL Injection
SQL Injection Theory (4:00)
Guide To Exploiting SQL Injection (8:00)
Getting Entire Database (5:25)
Extracting Passwords From Database (19:43)
Bypassing Filter In SQL Query (6:06)
Blind SQL Injection (11:38)
XML, XPath Injection, XXE
XPath Injection (6:23)
XPath Injection 2 (3:57)
XXE (7:22)
Components With Known Vulnerabilities
Components With Known Vulnerabilities (10:06)
Insufficient Logging And Monitoring
Insufficient Logging And Monitoring Example (4:01)
Monetizing Bug Hunting
What's Next & How To Earn Money By Finding Vulnerabilities? (11:35)
Unique and Interesting Bugs Discovered
Bonus - Web Developer Fundamentals
Browsing the Web (6:00)
Breaking Google (2:59)
The Internet Backbone (5:29)
Traceroute (2:24)
HTML, CSS, Javascript (5:04)
Build Your First Website (7:48)
HTML Tags (8:39)
Your First CSS (13:42)
What Is Javascript? (5:33)
Your First Javascript (11:41)
Javascript On Our Webpage (9:05)
HTTP/HTTPS (19:58)
Introduction To Databases (10:54)
SQL: Create Table (5:15)
SQL: Insert Into + Select (4:33)
What is PHP? (5:16)
Bonus - Linux Terminal
Linux 1 - ls, cd, pwd, touch... (13:46)
Linux 2 - sudo, nano, clear ... (7:00)
Linux 3 - ifconfig, nslookup, host ... (7:34)
Bonus - Networking
Networking Cheatsheet
Where To Go From Here?
Thank You (1:13)
Review This Course!
Become An Alumni
Learning Guideline
ZTM Events Every Month
LinkedIn Endorsements
Basic Authorization in HTTP Request
This lecture is available exclusively for ZTM Academy members.
If you're already a member,
you'll need to login
.
Join ZTM To Unlock All Lectures