OWASP Juice Shop | TryHackMe Burp Suite Fundamentals

CyberInsight
If you enjoy my TryHackMe videos and are interested in signing up for a subscription, use my affiliate link, I highly appreciate it!
https://tryhackme.com/signup?referrer...

I've been asked a bunch about doing a walkthrough of the TryHackMe OWASP Juice Shop, so I figured it was time. This is another great Burp Suite room that builds on top of looking at specific OWASP Top 10 vulnerabilities. In this room we are dealing specifically with: Injection, Broken Authentication, Sensitive Data Exposure, Broken Access Control, and the infamous Cross-Site Scripting (XSS)!

For those not familiar with Burp Suite, it's a framework of web application pentesting tools, and is arguably the most widely used tool set when it comes to conducting web pentesting. In this video, we focus mostly on Proxy, Responder, and Intruder.

00:00 - Intro
02:05 - Open For Business/OWASP Top 10
07:45 - Let's Go On An Adventure
16:20 - Inject The Juice (Injection Attacks)
28:18 - Who Broke My Lock?! (Weak Authentication)
44:22 - AH! Don't look! (Sensitive Data Exposure)
56:00 - Who's flying this thing? (Broken Access Control)
01:13:05 - Where did that come from? (XSS)
01:32:05 - Exploration!

TryHackMe Juice Shop Room
https://tryhackme.com/room/owaspjuice...

#tryhackme #burpsuite #websecurity

*Below you'll find what are known as affiliate links. These are links to things that I actually use and recommend. If you buy them, I will receive a super small kickback that helps support this channel and the giveaways I do on social media. Thanks!!*

(YouTube Gear, IT Devices, Books, Pre-workout I use...STUFF I 100% RECOMMEND)

Here is the CompTIA PenTest+ training book bundle I used to pass the new PenTest+.
(Affiliate Link) - https://amzn.to/3A9X8Hx

Network+ Study Guide that I co-authored: https://amzn.to/2vTODU2

ECAMM Live Recording Software: https://www.ecamm.com/mac/ecammlive/?...

Amazon Affiliate Store: www.amazon.com/shop/jbizzle703

----------------------------------------------------------------------------------------------------------------------------------------
Subscribe to our monthly newsletter and blog notifications
👍 https://mailchi.mp/e7b56addb7fc/cyber...

C-----Y-----B-----E-----R-----I-----N-----S-----I-----G-----H-----T
J.B.C.'s Site ▶️ https://www.jbcsec.com/insights
Swag Store ▶️ https://www.teepublic.com/user/jbc
Twitter ▶️ Twitter: JBC_SEC
Author ▶️ Twitter: JBizzle703

----------------------------------------------------------------------------------------------------------------------------------------
Published 3 years ago, on 1400/11/20.
Viewed 22,864 times