Hacking Web Applications

Dive into a comprehensive 2.5-hour video tutorial on hacking web applications, focusing on the OWASP Top 10 vulnerabilities. Learn to install and use essential tools like OWASP Juice Shop, Foxy Proxy, and Burp Suite. Explore various attack techniques including SQL injection, broken authentication, sensitive data exposure, XML external entities (XXE), broken access control, and cross-site scripting (XSS). Gain practical experience through walkthroughs and learn about defense strategies for each vulnerability. Cover additional topics such as security misconfigurations, insecure deserialization, using components with known vulnerabilities, and insufficient logging and monitoring. Enhance your web application security skills with hands-on demonstrations and expert insights.

- Introduction
- NordPass Sponsorship
- Course Overview
- The OWASP Top 10
- Installing OWASP Juice Shop
- Installing Foxy Proxy
- Exploring Burp Suite
- Introducing the Score Board
- SQL Injection Overview
- SQL Injection Walkthrough
- SQL Injection Defenses
- Broken Authentication Attacks and Defenses
- Testing for Broken Authentication
- Sensitive Data Exposure Attacks and Defenses
- Testing for Sensitive Data Exposure
- XML External Entities XXE Overview
- XXE Attacks and Defenses
- Broken Access Control Overview
- Broken Access Control Walkthrough
- Security Misconfigurations Overview
- Cross-Site Scripting XSS Overview
- Reflected XSS Walkthrough
- Stored XSS Walkthrough
- Preventing XSS
- Insecure Deserialization
- Using Components with Known Vulnerabilities
- Insufficient Logging and Monitoring
- Conclusion