Burp Authorize | David Bombal

Autoplay
Autocomplete

Previous Lesson Complete and Continue

Ethical hacking guide A-Z

00x00 Syllabus

Syllabus

Getting Help

Answering your questions (1:53)

00x01 Introduction

Introduction
Intro Video (7:18)
What is "Ethical" hacking"?
How to engage a target?
How to engage a target? (3:53)
@Ch1R0n1n: What it means to be an Ethical Hacker.pdf
@Ch1R0n1n: What it means to be an Ethical Hacker.pptx
@Ch1R0n1n: What is an Ethical Hacker? (13:28)
QUIZ: How ethical are you?
Assignment: Describe the deliverables of a pentest in your own words
Assignment: Let's fuzz hackxpert.com

00x02- Networking and Web application basics

Web fundamentals Video (7:30)
Web fundamentals
Assignment: Web
Transferring files (3:08)
Downloading files
Fundamentals - Fuzzing.mp4 (2:49)
Fuzzing
Assignment: Let's fuzz hackxpert.com
Networking fundamentals
Assignment: Networking
Quiz: 00x02 Fundamentals
Realistic assignment: Fuzz our pentesting assignment
SOLUTION: Realistic assignment: Fuzz our pentesting assignment

00x03 - Tools

Linux CLI (2:33)
Netcat (5:08)
Netcat In depth Article
OWASP Zap Is Awesome_ First Impressions.mp4 (14:42)
00x03 OWASP ZAP
Assignment: Using OWASP ZAP
Quiz: 00x03 tools
00x03 Active recon
DNS in depth
DNS (7:11)
Quiz:00x03 DNS
Assignment: 00x03 DNS

00x04 Passive information gathering

Passive information gathering
Passive information gathering (3:03)
Quiz: 00x04 Passive information gathering

00x05 Getting a foothold

Getting a foothold (3:47)
@Ch1R0n1n: Directory Busting Walkthrough.mp4 (17:38)
@Ch1R0n1n: Directory Busting.ppt
@TheXSSRat: Directory_brute_forcing.pdf
@Ch1R0n1n: Working with Exploits.mp4 (12:18)
@Ch1R0n1n: Working with Exploits.ppt
SMB enum
@Ch1R0n1n: SMB Enumeration.mp4 (21:35)
@Ch1R0n1n: SMB Enumeration.ppt
FTP Enumeration.MP4 (23:31)
FTP Enumeration
FTP Enumeration.ppt
SNMP enum
NFS enum
Telnet enum
SSH enum
Enumeration cheat sheet
Getting a foothold- The puzzle pieces fall in place - Video (12:29)
Getting a foothold- The puzzle pieces fall in place
Quiz: 0x05 Enum
Assignment: - Foothold
Assignment: - Foothold - Solutions

00x006 Privilege escalation

Linux priv-esc (33:16)
Linux priv esc PPTX
Linux priv esc Article
Linux priv esc Ex 1 MP4 (12:04)
Linux priv esc Ex 2 MP4 (20:52)
Quiz: Privilege escalation [Linux]
Windows Priv Esc MP4 (66:43)
Windows_Privilege_Escalation.pdf
Windows priv esc Article
Assignment: 00x06 Reading the doctor's hidden files
Assignment: Linux priv esc

00x07 Vulnerability scanning

Vulnerability scanning (7:20)
Nmap NSE (5:56)
OpenVas (11:27)
Vulnerability scanning 02 (28:58)

00x08 Buffer overflows

Buffer overflows Walkthrough (44:01)
Buffer Overflows PPTX

00x09 Burp Suite (Large section)

Intro (0:35)
Dashboard + live and passive scans (16:33)
Burp Suite Dashboard.pdf
03 Target tab.mp4 (4:48)
Target tab
Proxy tab (10:11)
Burp suite Proxy .pdf
05 Intruder.mp4 (9:58)
Intruder
06 Repeater.mp4 (5:00)
Repeater
07 Sequencer.mp4 (3:46)
Sequencer
08 Decoder.mp4 (2:57)
Decoder
09 comparer.mp4 (1:48)
Comparer
10 Market place (Plugins) + more.mp4 (2:53)
Burp Suite Extender
Burp collaborator
Burp Authorize
Burp Match and replace
Burp Suite Content discovery
Burp suite Top 5 Professional extensions
Testing mobile applications with burp suite
Burp suite How to use burp to look for SQLi
Quiz : Burpsuite
Exercises
ASSIGNMENT: Get to know burp suite community edition
00x09 ASSIGNMENT - SOLUTION: Let's engage with burp suite free

00x10-00 Introduction to JWT hacking

JWT tokens - What are they and how can we hack them.mp4 (3:45)
Lab: JWT hacking

00x10-01 Open redirects

Open redirects: what are they and what is the impact?
Open redirects (2:37)
Labs: Open redirects
Quiz: Open Redirects

00x10-02 CSRF

What Exactly Is CSRF And How Does It Look Like In PHP? (7:25)
Powerpoint: CSRF
bug-bounty-beginner-methodology_-csrf (9:40)
How Uncle Rat Hunts For CSRF During Bug Bounties (10:04)
CSRF - Full text.pdf
Quiz: CSRF
Labs: CSRF

00x10-03 Broken Acces Control

Broken-access-control_-what-is-it-and-how-do-you-test-for-it. (11:02)
BAC.png
BAC.pdf
BAC : Quiz
Lab: BAC
Solutions lab:BAC

00x10-04 IDOR

IDOR Exp (15:57)
IDOR - Slides.pdf
idors_-what-are-they-and-how-do-you-look-for-them (11:45)
don-t-test-for-idor-s-manually-autorize-is-so-much-faster (6:25)
5-ways-to-test-for-idor-demonstrated (9:51)
did-you-know-you-can-chain-idors (5:47)
Quiz: IDOR
Labs IDOR

00x10-05 Business Logic Laws

business-logic-vulnerabilities (5:16)
business-logic-flaws_-you-should-probably-look-into-this (15:55)
Business_logic_flaws - full text.pdf
Business logic flaws - Powerpoint
Business_logic_vulnerabilities.pdf
full-business-logic-flaws (21:28)
Labs Logic errors
Quiz : Business Logic

00x10-6 XXE

XXE-Full text PDF
Intro (2:51)
what-is-xxe (5:25)
finding-attack-vectors (6:12)
exploiting (5:04)
wafs-and-filters (2:01)
XML_eXternal_Entities.pdf
Tools-and-prevention (5:12)
XXE : Quiz

00x10-07 Template Injection

CSTI.pdf
SSTI
The crazy world of SSTi.pdf
CSTI.pptx
Client Side Template Injection (3:04)
Server Side Template Injection (10:57)

00x10-08 XSS

ultimate-xss-guide (27:45)
XSS - Ultimate beginner guide.pdf
WAF_evasion_techniques.pdf
Testing for reflected XSS.pdf
Testing for stored XSS.pdf
DOM_XSS_.pdf
advanced-xss-techniques (17:28)
XSS - Advanced techniques.pdf
waf-bypass-techniques (21:14)
Labs: XSS

00x10-09 Insecure deserilisation

Insecure deserilisation (3:29)
Insecure deserilisation: Not as hard as you think
OWASP TOP 10: Insecure deserilisation

00x10-10 Captcha bypass

Captcha bypass
CAPTCHA bypasses (2:48)
00x10 Labs: Captcha bypass

00x10-11 SSRF

uncle-rats-ultimate-ssrf-guide-for-bug-bounties (8:43)
blind-ssrf_-what-is-it_-impact_-how-to-exploit-it (4:20)
SSRF-Slides.pdf
SSRF.pdf
Quiz: SSRF

00x10 Command Injection

os-command-injection (5:32)
Command_injection - Slides.pdf
how-do-i-test-for-blind-command-injection (4:20)
uncle-rats-ultimate-guide-to-finding-os-command-injection (6:18)

00x10 SQLi

0-intro (2:11)
1-what-are-sqli (2:59)
2-detecting-sqli (5:13)
3-types-of-sqli (10:26)
4-boolean-based-sqli (6:47)
5-sqlmap (3:19)
6-references-amp-exercises (3:50)
Slides.pdf
1-portswigger-simple-login-bypass (2:59)
2-union-based-sqli-to-rce (9:00)
3-mssql-injection-to-rce (7:47)
4-waf-bypasses (1:57)
5-sqli-waf-bypass (17:02)
6-sqli-xss-and-xxe-all-in-one-payload (20:39)

00x10-11 (Admin) login pages

admin login panel bypass (3:46)
00x10/11 (Admin) login pages
Assignment: 00x10/11 (Admin) login pages - Labs

00x11-1 Broad scope web application methodology - General methodology

Broad_scope_methodology_-_Manual.pdf
manual-recon (14:30)
0 Subdomain Enum.pptx
2-processing-subdomains (4:18)
2 Checking the list.pptx
automatic-recon (16:08)
Automatic subdomain enum.pptx

00x11-2 Broad scope web application methodology - Manual Hacking

Subdomain flyover.pptx
subdomain-flyover (6:08)
exploiting-open-ports (6:08)
Exploiting open ports.pptx

00x11-3 Broad scope web application methodology - Vulnerability scanning

A vulnerability scanning.pptx
B Chaining it all together.pptx
our-attack-strategy (10:04)
vulnerability-scanning (11:01)

00x11-4 Broad scope web application methodology - Practical Methodology

Creating_our_list_of_su20creating20our20list20of20subdomains.pdf
Processing_Our_List_Of_S20processing20our20list20of20subdomain.pdf
Subdomain_flyov20subdomain20flyover.pdf
Exploiting_open_p20exploiting20open20ports.pdf
Vulnerability_scanni20vulnerability20scanning.pdf
Vulnerability_testing_stra20vulnerability20testing20strategy.pdf

00x11-5 Broad scope web application methodology - Extra's

Analyzing_javascript_files.pdf
What_the_ffuf_.pdf
Nuclei template cheat sheet
vulnerability scanning
Nuclei scanning
Running_your_scripts_on_a_VPS.pdf
Broad Scope Methodology.png
Directory_brute_forcing.pdf
quickly-identify-a-target-from-a-list-of-thousands-of-dns-records-multi-domain-r (3:18)
exploit-db-examples (3:15)
List_of_to20list20of20tools.pdf
you-are-probably-doing-directory-brute-forcing-wrong-here-s-why (5:43)
Quiz: Creating nuclei templates

00x12 API Testing

Postman - Theory (17:06)
API hacking with postman Part 1 - getting the basics down (20:57)
API hacking with postman Part 2 - importing the API description (3:33)
API hacking with postman Part 3 Pre-request scripts, tests and console (11:01)
API hacking with postman Part 4 - Getting dirty with data sources (8:03)
REST-API_goat_project.pdf
postman lab - Tiredful API.pdf
API Broken Access Control Through Replacing HTTP Method (5:14)
API hacking by Chaining postman into burp suite (8:15)

00x12 OWASP API top 10

API0 2019 What is an API?
API1 2019 Broken Object Level Authorization
API2 2019 Broken User Authentication
API3 2019 Excessive Data Exposure
API4 2019 Lack of rate limiting
API5 2019 Broken Function Level Authorization
API6 2019 Mass Assignment
API7 2019 Security Misconfiguration
API8 2019 Injection
API9 2019 Improper Assets Management
API top 10 - 0 through 3 (28:57)
OWASP API TOP 10 - 4 to 7 (31:47)
API8-2019 Injection (9:41)
API9-2019 improper asset management (7:16)
OWASP API top 10 - 10 insufficient logging and monitoring (1:31)

00x13 Mobile hacking

OWASP M1.2016 improper platform usage (5:24)
OWASP M2.2016 - insecure data storage (1:28)
OWASP M3.2016 Insecure communication (2:07)
OWASP M4.2016 Insecure authentication (3:38)
OWASP M5 Insufficient cryptography (2:22)
OWASP M6. Insecure authorization (3:07)
OWASP M7. bad code quality (5:35)
OWASP M8. Code tampering (2:36)
OWASP M9 Reverse engineering (2:33)
OWASP M10. Extranous functionality (1:56)

00x13 Mobile hacking - Setting up Android Lab

installation-chapter-1 (3:09)
installation-chapter-2 (1:44)
installation-chapter-3 (7:09)
installation-chapter-4 (3:16)
Mobile android lab setup.pptx

00x16 Password attacks

Password Cracking (24:46)
Password Cracking.pptx
Tools List.TXT.docx

Extras

Automation (8:01)
Pentesting checklist
NDA example (You get this from the client)
Assignment example
Test plan example
Test report example

French Translation

Ethical hacking guide A-Z_FR_V1.1_Chap_1.docx
Ethical hacking guide A-Z_FR_V1.1_Chap_2.docx
Ethical hacking guide A-Z_FR_V1.1_Chap_3.docx
Ethical hacking guide A-Z_FR_V1.1_Chap_4.docx
Ethical hacking guide A-Z_FR_V1.1_Chap_5.docx
Ethical hacking guide A-Z_FR_V1.1_Chap_6.docx

Teach online with

Burp Authorize

Lesson content locked

If you're already enrolled, you'll need to login.

Enroll in Course to Unlock