Web App Testing - SQL Injections and Live Bug Bounty Hunting
Offered By: Cyber Mentor via YouTube
Course Description
Overview
Dive deep into SQL injection techniques and live bug bounty hunting in this comprehensive 2-hour 52-minute video. Learn about advanced SQL injection attacks, including the use of UNIONs and the importance of sleep commands. Compare sqlmap, Burp Active, and manual approaches to SQL injection. Explore live bug bounty enumeration techniques, including subdomain discovery with sublist3r and crt.sh, data extraction, and host screening. Gain insights on manual enumeration and participate in an Ask Me Anything session. Perfect for aspiring ethical hackers and cybersecurity enthusiasts looking to enhance their web application testing skills.
Syllabus
- Welcome.
- Introduction / Overview of Week 5.
- SQL Injection refresher.
- SQL Injection attack #1.
- SQL Injection attack #2 (using UNIONs).
- sqlmap vs Burp Active vs manual.
- SQL Injection attack #3 - the importance of sleep.
- Other challenges & Easter eggs.
- Giveaway.
- Start of live bug bounty enumeration.
- Finding subdomains with sublist3r and crt.sh.
- Extracting data from crt.sh.
- For loop to test if site is up.
- Using eyewitness to screenshot hosts.
- Manual enumeration.
- Begin AMA.
Taught by
The Cyber Mentor
Related Courses
- Hacking and Patching (University of Colorado System via Coursera)
- Software Design Threats and Mitigations (University of Colorado System via Coursera)
- Introduction to Cybersecurity for Teachers (Raspberry Pi Foundation via FutureLearn)
- Identifying Security Vulnerabilities (University of California, Davis via Coursera)
- Web Application Security Testing with Burp Suite (Coursera Project Network via Coursera)