Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Security for Developers - an Offensive Approach
0. Agenda
Agenda (3:29)
VMs required to replicate the lab
Additional resources
1. Overview of Web Penetration Testing
1.1. Overview of Web Penetration testing (10:46)
1.2. Information gathering part 1 (10:46)
1.2. Information gathering part 2 (10:36)
1.2. Information gathering part 3 (6:03)
1.3. Scannig and Enumeration (3:20)
1.4. Mapping (9:42)
1.5. Attacking the users - Reflected XSS (10:28)
1.6. Attacking the users - Stored XSS (15:28)
1.7. Attacking the users - CSRF, Clickjacking, Open Redirect (11:56)
1.8. Attacking the server - OS Command Injection (8:27)
1.9. Attacking the Server - SMTP Injection (3:48)
1.10. Atacking Authentication (8:32)
1.11. Attacking the datastore - SQLi part 1 (11:56)
1.12. Attacking the datastore - SQLi part 2 (12:18)
2. OWASP API Top 10 Vulnearbilities
2.1. API OWASP Top 10 - part 1 (15:20)
2.2. API OWASP Top 10 - part 2 (12:34)
3. OWASP Web Top 10 Vulnerabilities
3. OWASP Top 10 - Web (17:58)
4. HTTP Security Headers
4. HTTP Security Headers (15:06)
5. JSON Web Tokens
5. JSON Web Tokens (16:49)
6. Technical measures and best practices
6.1. Technical measures and best practices - part 1 (13:45)
6.2. Technical measures and best practices - part 2 (14:05)
7. Cryptography
7.1. Cryptography - part 1 (15:13)
7.2. Cryptography - part 2 (10:08)
4. HTTP Security Headers
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock