Introduction
- Welcome To the Web Applications Hacking and Penetration Testing Course
- How I Hacked The Payment System of Origin Energy (Australian Company)
- Facebook Bug- Facebook Users (Denial of Use) Attack
Basics
- How Websites work?
Preperation
- Install XAMPP & DVWA
- Questions
- Install Burp Suite Proxy
- Configure Burp Suite Proxy
- Make Burp Suite Capture SSL Traffic
- Install Python
- Install Vega Scanner
- Setting the DVWA Security Level
Information Gathering
- Getting Domain Information
- Identify Technology & Software On Websites
- Finding Subdomains
Cross Site Scripting (XSS)
- Cross Site Scripting (XSS) Explained
- Stored Cross Site Scripting (XSS) Vulnerability
- Reflected Cross Site Scripting (XSS) Vulnerability
Cross Site Request Forgery (CSRF)
- Cross Site Request Forgery (CSRF) Explained
- Cross Site Request Forgery (CSRF) Vulnerability
SQL Injection
- SQL Injection Explained
- SQL Injection Vulnerability
Command Execution
- Command Execution Explained
- Command Execution Vulnerability
File Upload
- File Upload Vulnerability
- How to Generate Web Backdoors (Shells)?
Brute Force Attack
- Brute Force a Login Page
- Create Word lists for Password Cracking
- Real World Brute Force Attack
Real World Hacking
- Vega download links
- Discover vulnerabilities using Vega scanner
- Exploiting SQL injection using sqlmap
- Exploiting Cross Site Scripting (XSS) using BruteXSS tool
- Exploiting Script Source Code Disclosure Vulnerability
- Discover Vulnerabilities using Arachni Scanner
Penetration Testing Content Management Systems (CMS)
- 1. CMS Intro
- 2- CMS Intro
- 3. CMS Intro
- 4. CMS Intro
- 5. CMS Intro
- 6. CMS Intro
- 7. CMS Intro
- 8. CMS Intro
Bonus Section
- Bonus Lecture
