Web App Testing - Enumeration, XSS, and UI Bypassing

Dive into advanced web application testing techniques in this comprehensive video tutorial. Learn to enumerate using Burp Suite and manual spidering, tackle challenges involving scoreboard discovery and confidential statement retrieval, and master UI bypassing of HTML forms. Explore the intricacies of Cross-Site Scripting (XSS) attacks, including DOM and Reflected XSS, while also covering XSS defenses. Engage with hands-on challenges that reinforce concepts such as redirect handling, DRY principle in registration processes, and error handling. Gain practical insights into web security vulnerabilities and their mitigation strategies throughout this intensive 1 hour and 34 minute session.

- Salutations.
- Overview of lesson.
- Enumerating with Burp Suite and manual spidering.
- Challenge 1: Find the scoreboard.
- Challenge 2 - Find a confidential statement.
- Challenge 3 - Redirects tier 1.
- Challenge 4 - Repetitive registration (DRY principal).
- UI Bypassing HTML forms.
- Challenge 5 - 0 stars (UI Bypassing).
- Challenge 6 - Error handling.
- XSS Overview.
- Challenge 7 - XSS Tier 1 (DOM XSS).
- Challenge 8 - Read the privacy policy.
- Challenge 9 - XSS Tier 0 (Reflected XSS).
- XSS defenses.