Autoplay
Autocomplete
Previous Lesson
Complete and Continue
The Complete Web Penetration Testing & Bug Bounty Course
Section 1 : Introduction
1. Introduction (1:16)
2. Course Manual (6:41)
Section 2 : Kali Linux Setup
3. Kali Linux Setup Intro (0:47)
4. What is Virtual Machine? (2:43)
5. Virtualbox Installation (Windows) (15:11)
6. Virtualbox Installation (MAC) (9:53)
7. Kali Linux Download (14:28)
8. Kali Linux Download Links
9. Kali Linux Installation (19:07)
10. Installation Problem Solving (Windows) (10:46)
11. Kali Linux Manual ISO Installation (12:50)
12. Installation Problem Solving (MAC) (19:42)
13. Solutions to Common Problems & Links
14. Taking Snapshots (9:54)
15. Kali Linux Overview (13:49)
16. Navigation (11:23)
17. Moving Stuff (8:24)
18. Privilege and Permissions (14:40)
19. Linux Folders (8:01)
20. Linux Package Managers (7:56)
21. Nano (5:14)
22. Changing Password (6:29)
Section 3 : HTML Crash Course
23. HTML Crash Course Intro (0:42)
24. What is a Website? (6:44)
25. Introduction to HTML (12:19)
26. Tags (9:03)
27. Elements and Attributes (8:47)
28. Forms (12:05)
29. Footer & Header (8:09)
Section 4 : HTML Injection
30. HTML Injection Intro (0:42)
31. Installing Beebox (10:34)
32. Burpsuite Setup (21:59)
33. HTML Injection (13:09)
34. Stored HTML Injection (15:25)
35. Hacking with Forms (10:57)
36. Dirbuster Usage (12:48)
37. iFrame Injection (8:01)
Section 5 : PHP Injection
38. PHP Injection Intro (0:23)
39. PHP Code Injection (14:41)
40. Upload Vulnerability (10:48)
Section 6 : Command Execution & SSI
41. Command Execution Intro (0:18)
42. Foxy Proxy (5:03)
43. OS Command Injection (9:31)
44. Commix (8:49)
45. SSI Injection (7:06)
46. SSI Medium (4:24)
Section 7 : Directory Traversal
47. Directory Traversal Intro (0:32)
48. What is Directory Traversal? (8:55)
49. Directory Traversal Vulnerabilities (6:56)
50. Dotdotpwn (7:47)
Section 8 : XSS
51. XSS Intro (0:28)
52. Reflected XSS (12:54)
53. Reflected AJAX XSS (9:39)
54. Stored XSS (4:23)
Section 9: Access Control & IDOR
55. Broken Access Control (12:18)
56. IDOR (11:43)
57. Reading Other Users Chat (6:19)
Section 10 : CSRF
58. CSRF Intro (0:38)
59. Metasploitable Installation (8:12)
60. Metasploitable Config (9:30)
61. Cookies (6:08)
62. CSRF Introduction (7:03)
63. CSRF Simple Hack (9:40)
64. CSRF Hacking with Link (6:44)
Section 11 : Brute Force
65. Brute Force Intro (0:21)
66. Brute Force Attacks (15:21)
67. Intruder (5:40)
Section 12 : SQL Crash Course
68. SQL Crash Course Intro (0:58)
69. What is SQL? (4:47)
70. Creating SQL Tables (8:25)
71. Inserting Values to Tables (5:27)
72. Filtering (7:23)
73. Advanced Query (7:51)
74. Guessing (6:04)
Section 13 : SQL Injection Introduction
75. SQL Injection Intro (0:20)
76. Confirming SQLi Vulnerabilities (11:37)
77. Logging In Without Password (5:22)
78. OR (6:06)
79. SQLi In Hardened Security (7:49)
Section 14 : SQLi GET Request
80. SQLi GET Request Intro (0:21)
81. GET Vulnerabilities and Decoder (10:53)
82. Union Select Operations (11:29)
83. Credit Card Numbers (11:35)
Section 15 : SQLi Advanced
84. SQLi Advanced Intro (0:32)
85. Blind Injections (9:35)
86. SQLi Alternative Tests (11:44)
87. Hex Values (7:05)
88. Reading and Writing Files (7:40)
89. Shell with SQLi (7:41)
90. SQLMap (6:04)
Section 16 : Juice Shop
91. Juice Shop Intro (0:39)
92. What is Juice Shop? (10:20)
93. Juice Shop Deployment (11:02)
94. Scoreboard (12:36)
95. DOM XSS (11:03)
96. Registering Users (5:41)
97. Feedback (7:54)
98. Viewing Someone Else's Basket (7:36)
99. SQL Injection (11:18)
100. Decrypting Password from Cookies (8:22)
101. Accessing Admin Dashboard (4:26)
102. XXE Attacks (11:38)
103. Creating Users with Admin Privileges (5:52)
104. Captcha Bypass (4:16)
105. Changing Requests (6:40)
106. Faking Feedbacks and Reviews (6:46)
107. Order Negative Amount (6:08)
Section 17 : SSRF
108. What is SSRF? (9:39)
109. First SSRF Attack (13:39)
110. SSRF Backend Attack (9:37)
111. Blacklist (8:25)
112. Whitelist (9:05)
Section 18 : Information Gathering
113. Information Gathering Intro (0:51)
114. Whois Lookup (6:32)
115. DNS Lookup (8:14)
116. Sitereport (7:51)
117. Firewall (8:22)
Section 19 : API Pentesting
118. What is API Security? (12:38)
119. DigitalOcean Free Credit Link
120. Creating Server (15:43)
121. Installing API in Server (12:36)
122. Burpsuite Settings (16:23)
123. Postman (17:16)
124. Broken Object Authorization (15:15)
125. Broken Authentication (18:18)
126. Excessive Data Exposure (15:36)
127. One Time Password Bypass (10:46)
128. Broken Function Level Authentication (8:01)
129. Mass Assignment (5:19)
130. Cors (6:41)
131. SQLi (13:34)
132. Improper Asset Management (9:12)
133. Closing (2:55)
Section 20 : Making Legal Money
134. Making Legal Money Intro (0:37)
135. Making Legal Money & Next Steps (9:42)
136. Web Pentest Reporting (12:16)
Section 21: Live Bug Bounty
Live Bug Bounty (6:26)
Information Gathering (8:36)
Javascript Reviews (7:25)
Open Redirect Vulnerability (11:51)
XSS Vulnerability (10:00)
Login Exploration (15:21)
Broken Access Control (7:54)
Admin Vulnerability (9:34)
IDOR Vulnerability (7:32)
Stored XSS (19:46)
46. SSI Medium
Download
Complete and Continue
Become a Member and Get
Unlimited Access
to 30,000+ Top Cyber Security Courses And Labs.
UPGRADE NOW