Autoplay
Autocomplete
Speed
Previous Lecture
Complete and Continue
Hacking Web Applications and Penetration Testing: Fast Start
Introduction
1 - Introduction (1:19)
2 - Virtual Platforms (1:29)
3 - Enabling Virtualization (VT-x or AMD-V) in BIOS
4 - Lab's Architecture Diagram (2:11)
5 - Using VirtualBox vs VMware
6 - Install & Run Oracle VM VirtualBox (5:02)
7 - Installing Kali using the VMware Image - Step 1 (3:13)
8 - Installing Kali using the VMware Image - Step 2 (4:47)
9 - Installing Kali using the VMware Image - Step 3 (4:30)
10 - Installing Kali using the ISO file for VMware - Step 1 (1:26)
11 - Installing Kali using the ISO file for VMware - Step 2 (6:48)
12 - Installing Kali using the ISO file for VMware - Step 3 (2:41)
13 - Installing Kali on VirtualBox using the OVA file - Step 1 (3:14)
14 - Installing Kali on VirtualBox using the OVA file - Step 2 (6:44)
15 - Installing Kali on VirtualBox using the OVA file - Step 3 (4:11)
16 - Installing Kali using the ISO file for VirtualBox - Step 1 (1:26)
17 - Installing Kali using the ISO file for VirtualBox - Step 2 (6:49)
18 - Installing Kali using the ISO file for VirtualBox - Step 3 (4:23)
19 - Download & Install OWASPBWA (4:30)
20 - Accessing OWASP BWA (0:54)
21 - Configuring NAT Network in Oracle VM VirtualBox (1:07)
22 - Test VMs If They see Each Other (2:58)
Technologies & Standards
23 - Basic Terms & Standards (5:35)
24 - HTTP Protocol Basics and SSL (7:03)
25 - Intercepting HTTP Traffic with Burp Suite (3:46)
26 - Intercepting HTTPS Traffic with Burp Suite (2:50)
27 - Web Attacks Classification (1:36)
An Automated Tool: OWASP ZAP (Zed Attack Proxy)
28 - Introduction to OWASP ZAP (3:06)
29 - Installation of OWASP ZAP & a Quick Scan (6:25)
30 - Using OWASP ZAP as a Personal Proxy (4:40)
31 - Intercepting HTTPS Traffics with OWASP ZAP (2:17)
32 - Scanning a Website Which Requires Authentication (14:46)
Information Gathering & Configuration Management
33 - Information Gathering & Configuration Management Part 1 (5:09)
34 - Information Gathering & Configuration Management Part 2 (4:26)
Input - Output Manipulation
35 - SOP, Javascript and Input-Output Validation (7:42)
36 - XSS (Cross Site Scripting) - Reflected XSS (4:05)
37 - XSS (Cross Site Scripting) - Stored and DOM Based XSS (7:01)
38 - BeEF - The Browser Exploitation Framework (5:39)
39 - SQL Injection Part 1 (4:20)
40 - SQL Injection Part 2 (4:41)
41 - SQL Injection Part 3 (5:20)
Authentication and Authorization
42 - Authentication (5:36)
43 - Authentication Attacks (5:13)
44 - An Online Dictionary Attack with Hydra (10:01)
45 - Authorization (5:18)
46 - Path Traversal Demo (3:40)
Session Management and Cross Site Request Forgery
47 - Session Management (3:03)
48 - Session Fixation & Demo (4:22)
49 - Cross Site Request Forgery (5:12)
Information Gathering Through the Internet
50 - Introduction (6:00)
51 - Using Search Engines & Google Hacking to Gather Information (3:36)
52 - Search Engine Tools: SiteDigger and SearchDiggity (3:59)
53 - Shodan (2:50)
54 - Gathering Information About the People (2:52)
55 - Web Archives (1:53)
56 - FOCA Fingerprinting Organisations with Collected Archives (7:41)
57 - The Harvester & Recon-NG (3:15)
58 - Maltego - Visual Link Analysis Tool (4:38)
1 - Introduction