Dive into advanced web application testing techniques in this comprehensive video tutorial. Learn to enumerate using Burp Suite and manual spidering, tackle challenges involving scoreboard discovery and confidential statement retrieval, and master UI bypassing of HTML forms. Explore the intricacies of Cross-Site Scripting (XSS) attacks, including DOM and Reflected XSS, while also covering XSS defenses. Engage with hands-on challenges that reinforce concepts such as redirect handling, DRY principle in registration processes, and error handling. Gain practical insights into web security vulnerabilities and their mitigation strategies throughout this intensive 1 hour and 34 minute session.
Overview
Syllabus
- Salutations.
- Overview of lesson.
- Enumerating with Burp Suite and manual spidering.
- Challenge 1: Find the scoreboard.
- Challenge 2 - Find a confidential statement.
- Challenge 3 - Redirects tier 1.
- Challenge 4 - Repetitive registration (DRY principal).
- UI Bypassing HTML forms.
- Challenge 5 - 0 stars (UI Bypassing).
- Challenge 6 - Error handling.
- XSS Overview.
- Challenge 7 - XSS Tier 1 (DOM XSS).
- Challenge 8 - Read the privacy policy.
- Challenge 9 - XSS Tier 0 (Reflected XSS).
- XSS defenses.
Taught by
The Cyber Mentor
Related Courses
-
Ethical Hacking 101: Web App Penetration Testing - a full course for beginners
4.6 -
Web Application Ethical Hacking - Penetration Testing Course for Beginners
4.1 -
Complete Website Ethical Hacking and Penetration Testing
-
Learn web application penetration testing from %00
-
Using Burp to Test for the OWASP Top Ten
-
Web App Penetration Testing Tutorials
3.0
