Files Included :
1 Introduction to the Web Security Academy Series (29.81 MB)
1 Answering Your Questions (10.56 MB)
1 Lab Environment Setup (32.45 MB)
01 SQL Injection - Complete Guide (113.07 MB)
02 Lab 1 - SQL injection vulnerability in WHERE clause allowing retrieval of hidden data (141.55 MB)
03 Lab 2 - SQL injection vulnerability allowing login bypass (144.07 MB)
04 Lab 3 - SQLi UNION attack determining the number of columns returned by the query (153.79 MB)
05 Lab 4 - SQL injection UNION attack, finding a column containing text (150.86 MB)
06 Lab 5 - SQL injection UNION attack, retrieving data from other tables (122.56 MB)
07 Lab 6 - SQL injection UNION attack, retrieving multiple values in a single column (132.46 MB)
08 Lab 7 - SQL injection attack, querying the database type and version on Oracle (148.1 MB)
09 Lab 8 - SQLi attack, querying the database type and version on MySQL & Microsoft (123.29 MB)
10 Lab 9 - SQL injection attack, listing the database contents on non-Oracle databases (262.03 MB)
11 Lab 10 - SQL injection attack, listing the database contents on Oracle (228.75 MB)
12 Lab 11 - Blind SQL injection with conditional responses (172.97 MB)
13 Lab 12 - Blind SQL injection with conditional errors (225.95 MB)
14 Lab 13 - Blind SQL injection with time delays (97.97 MB)
15 Lab 14 - Blind SQL injection with time delays and information retrieval (180.18 MB)
17 Lab 15 - Blind SQL injection with out-of-band interaction (55.59 MB)
18 Lab 16 - Blind SQL injection with out of band data exfiltration (43.01 MB)
19 Lab 17 - SQL injection with filter bypass via XML encoding (34.8 MB)
20 Lab 18 - Visible error-based SQL injection (71.8 MB)
01 Authentication Vulnerabilities - Complete Guide (83.5 MB)
02 Lab 1 - Username enumeration via different responses (21.7 MB)
03 Lab 2 - 2FA simple bypass (43.71 MB)
04 Lab 3 - Password reset broken logic (59.37 MB)
05 Lab 4 - Username enumeration via subtly different responses (32.19 MB)
06 Lab 5 - Username enumeration via response timing (56.55 MB)
07 Lab 6 - Broken brute-force protection, IP block (51.28 MB)
08 Lab 7 - Username enumeration via account lock (38.26 MB)
09 Lab 8 - 2FA broken logic (37.05 MB)
10 Lab 9 - Brute-forcing a stay-logged-in cookie (70.84 MB)
11 Lab 10 - Offline password cracking (61.28 MB)
12 Lab 11 - Password reset poisoning via middleware (47.26 MB)
13 Lab 12 - Password brute-force via password change (111.31 MB)
14 Lab 13 - Broken brute-force protection, multiple credentials per request (72.99 MB)
15 Lab 14 - 2FA bypass using a brute-force attack (37.4 MB)
1 Directory Traversal - Complete Guide (50.55 MB)
2 Lab 1 - File path traversal, simple case (69.33 MB)
3 Lab 2 - File path traversal, traversal sequences blocked with absolute path bypass (58.94 MB)
4 Lab 3 - File path traversal, traversal sequences stripped non-recursively (68.52 MB)
5 Lab 4 - File path traversal, traversal sequences stripped with superfluous URL-decode (63.93 MB)
6 Lab 5 - File path traversal, validation of start of path (53.92 MB)
7 Lab 6 - File path traversal, validation of file extension with null byte bypass (51.82 MB)
1 Command Injection - Complete Guide (80.31 MB)
2 Lab 1 - OS command injection, simple case (89.77 MB)
3 Lab 2 - Blind OS command injection with time delays (95.73 MB)
4 Lab 3 - Blind OS command injection with output redirection (141.15 MB)
6 Lab 4 - Blind OS command injection with out-of-band interaction (28.7 MB)
7 Lab 5 - Blind OS command injection with out-of-band data exfiltration (33.57 MB)
01 Business Logic Vulnerabilities - Complete Guide (45.26 MB)
02 Lab 1 - Excessive trust in client-side controls (111.33 MB)
03 Lab 2 - High-level logic vulnerability (118.23 MB)
04 Lab 3 - Inconsistent security controls (23.62 MB)
05 Lab 4 - Flawed enforcement of business rules (132.14 MB)
06 Lab 5 - Low-level logic flaw (53.58 MB)
07 Lab 6 - Inconsistent handling of exceptional input (67.1 MB)
08 Lab 7 - Weak isolation on dual-use endpoint (101.3 MB)
09 Lab 8 - Insufficient workflow validation (96.07 MB)
10 Lab 9 - Authentication bypass via flawed state machine (74.16 MB)
11 Lab 10 - Infinite money logic flaw (201.05 MB)
12 Lab 11 - Authentication bypass via encryption oracle (91.15 MB)
01 Information Disclosure - Complete Guide (70.55 MB)
02 Lab 1 - Information disclosure in error messages (50.76 MB)
03 Lab 2 - Information disclosure on debug page (49.96 MB)
04 Lab 3 - Source code disclosure via backup files (55.48 MB)
05 Lab 4 - Authentication bypass via information disclosure (50.62 MB)
06 Lab 5 - Information disclosure in version control history (16.69 MB)
01 Broken Access Control - Complete Guide (94.7 MB)
02 Lab 1 - Unprotected admin functionality (48.3 MB)
03 Lab 2 - Unprotected admin functionality with unpredictable URL (104.66 MB)
04 Lab 3 - User role controlled by request parameter (125.93 MB)
05 Lab 4 - User role can be modified in user profile (103.1 MB)
06 Lab 5 - URL-based access control can be circumvented (69.66 MB)
07 Lab 6 - Method-based access control can be circumvented (74.99 MB)
08 Lab 7 - User ID controlled by request parameter (105.1 MB)
09 Lab 8 - User ID controlled by request parameter, with unpredictable user IDs (135.66 MB)
10 Lab 9 - User ID controlled by request parameter with data leakage in redirect (86.78 MB)
11 Lab 10 - User ID controlled by request parameter with password disclosure (109.24 MB)
12 Lab 11 - Insecure direct object references (96.96 MB)
13 Lab 12 - Multi-step process with no access control on one step (69.98 MB)
14 Lab 13 - Referer-based access control (62.31 MB)
01 File Upload Vulnerabilities - Complete Guide (58.62 MB)
02 Lab 1 - Remote code execution via web shell upload (122.08 MB)
03 Lab 2 - Web shell upload via Content-Type restriction bypass (108.42 MB)
04 Lab 3 - Web shell upload via path traversal (117.13 MB)
05 Lab 4 - Web shell upload via extension blacklist bypass (137.91 MB)
06 Lab 5 - Web shell upload via obfuscated file extension (107.45 MB)
07 Lab 6 - Remote code execution via polyglot web shell upload (27.47 MB)
08 Lab 7 - Web shell upload via race condition (57.73 MB)
1 Server-Side Request Forgery (SSRF) - Complete Guide (123.78 MB)
2 Lab 1 - Basic SSRF against the local server (103.24 MB)
3 Lab 2 - Basic SSRF against another back-end system (151.07 MB)
4 Lab 3 - SSRF with blacklist-based input filter (113.3 MB)
5 Lab 4 - SSRF with whitelist-based input filter (107.86 MB)
6 Lab 5 - SSRF with filter bypass via open redirection vulnerability (109.77 MB)
8 Lab 6 - Blind SSRF with out-of-band detection (32.66 MB)
9 Lab 7 - Blind SSRF with Shellshock exploitation (64.45 MB)
01 XXE Injection - Complete Guide (117.58 MB)
02 Lab 1 - Exploiting XXE using external entities to retrieve files (50.26 MB)
03 Lab 2 - Exploiting XXE to perform SSRF attacks (51.86 MB)
05 Lab 3 - Blind XXE with out-of-band interaction (25.2 MB)
06 Lab 4 - Blind XXE with out-of-band interaction via XML parameter entities (26.92 MB)
07 Lab 5 - Exploiting blind XXE to exfiltrate data using a malicious external DTD (73.81 MB)
08 Lab 6 - Exploiting blind XXE to retrieve data via error messages (46.66 MB)
09 Lab 7 - Exploiting XInclude to retrieve files (62.18 MB)
10 Lab 8 - Exploiting XXE via image file upload (107.3 MB)
11 Lab 9 - Exploiting XXE to retrieve data by repurposing a local DTD (116.56 MB)
01 Cross-Site Scripting (XSS) - Complete Guide (90.77 MB)
02 Lab 1 - Reflected XSS into HTML context with nothing encoded (15.97 MB)
03 Lab 2 - Stored XSS into HTML context with nothing encoded (21.7 MB)
04 Lab 3 - DOM XSS in document write sink using source location search (28.02 MB)
05 Lab 4 - DOM XSS in innerHTML sink using source location search (21.84 MB)
06 Lab 5 - DOM XSS in jQuery anchor href attribute sink using location search source (21.99 MB)
07 Lab 6 - DOM XSS in jQuery selector sink using a hashchange event (41 MB)
08 Lab 7 - Reflected XSS into attribute with angle brackets HTML-encoded (21.62 MB)
09 Lab 8 - Stored XSS into anchor href attribute with double quotes HTML-encoded (21.8 MB)
10 Lab 9 - Reflected XSS into a javascript string with angle brackets HTML encoded (19.84 MB)
11 Lab 10 - DOM XSS in document write sink using source location search inside a select element (33.59 MB)
12 Lab 11 - DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded (16.12 MB)
13 Lab 12 - Reflected DOM XSS (36.23 MB)
14 Lab 13 - Stored DOM XSS (29.29 MB)
15 Lab 14 - Exploiting cross-site scripting to steal cookies (33.16 MB)
16 Lab 15 - Exploiting cross-site scripting to capture passwords (32 MB)
17 Lab 16 - Exploiting XSS to perform CSRF (48.43 MB)
18 Lab 17 - Reflected XSS into HTML context with most tags and attributes blocked (39.8 MB)
19 Lab 18 - Reflected XSS into HTML context with all tags blocked except custom ones (41.24 MB)
20 Lab 19 - Reflected XSS with some SVG markup allowed (25.52 MB)
21 Lab 20 - Reflected XSS in canonical link tag (28.11 MB)
22 Lab 21 - Reflected XSS into a javascript string with single quote and backslash escaped (16.95 MB)
23 Lab 22 - Reflected XSS into a javascript string with angle brackets and double quotes HTML-encoded and single quotes escaped (24.48 MB)
24 Lab 23 - Stored XSS into onclick event with angle brackets and double quotes HTML-encoded and single quotes and backslash escaped (30.44 MB)
25 Lab 24 - Reflected XSS into a template literal with angle brackets, single, double quotes, backslash and backticks Unicode-escaped (13.21 MB)
01 Cross-Site Request Forgery (CSRF) - Complete Guide (134.04 MB)
03 Lab 1 - CSRF vulnerability with no defenses (95.61 MB)
04 Lab 2 - CSRF where token validation depends on request method (90.25 MB)
05 Lab 3 - CSRF where token validation depends on token being present (64.64 MB)
06 Lab 4 - CSRF where token is not tied to user session (86.11 MB)
07 Lab 5 - CSRF where token is tied to non-session cookie (146.22 MB)
08 Lab 6 - CSRF where token is duplicated in cookie (114.97 MB)
09 Lab 7 - CSRF where Referer validation depends on header being present (93.75 MB)
10 Lab 8 - CSRF with broken Referer validation (85.75 MB)
11 Lab 9 - SameSite Lax bypass via method override (27.54 MB)
12 Lab 10 - SameSite Strict bypass via client-side redirect (52.99 MB)
13 Lab 11 - SameSite Strict bypass via sibling domain (119.37 MB)
14 Lab 12 - SameSite Lax bypass via cookie refresh (69 MB)
1 Cross-Origin Resource Sharing (CORS) - Complete Guide (122.61 MB)
2 Lab 1 - CORS vulnerability with basic origin reflection (61.27 MB)
3 Lab 2 - CORS vulnerability with trusted null origin (78.21 MB)
4 Lab 3 - CORS vulnerability with trusted insecure protocols (109.74 MB)
5 Lab 4 - CORS vulnerability with internal network pivot attack (160.21 MB)
01 Clickjacking - Complete Guide (74.9 MB)
02 Lab 1 - Basic clickjacking with CSRF token protection (32.11 MB)
03 Lab 2 - Clickjacking with form input data prefilled from a URL parameter (38.63 MB)
04 Lab 3 - Clickjacking with a frame buster script (20.74 MB)
05 Lab 4 - Exploiting clickjacking vulnerability to trigger DOM-based XSS (29.44 MB)
06 Lab 5 - Multistep clickjacking (25.67 MB)
1 DOM-Based Vulnerabilities - Complete Guide (102.39 MB)
2 Lab 1 - DOM XSS using web messages (23.17 MB)
3 Lab 2 - DOM XSS using web messages and a javascript URL (22.4 MB)
4 Lab 3 - DOM XSS using web messages and JSON parse (24.79 MB)
5 Lab 4 - DOM-based open redirection (35.16 MB)
6 Lab 5 - DOM-based cookie manipulation (41.56 MB)
7 Lab 6 - Exploiting DOM clobbering to enable XSS (118.47 MB)
8 Lab 7 - Clobbering DOM attributes to bypass HTML filters (60.42 MB)
1 WebSockets Vulnerabilities - Complete Guide (91.78 MB)
2 Lab 1 - Manipulating WebSocket messages to exploit vulnerabilities (17.91 MB)
3 Lab 2 - Manipulating the WebSocket handshake to exploit vulnerabilities (23.2 MB)
4 Lab 3 - Cross-site WebSocket hijacking (57.33 MB)