Web App Testing: Episode 1 - Enumeration

The Cyber Mentor
The Cyber Mentor
327.9 هزار بار بازدید - 5 سال پیش -
0:00 - Introductions/Welcomes 5:47 - whoami 7:25 - Course learning objectives 11:30 - Important TCM resources 14:03 - Web app resources 26:15 - Five stages of ethical hacking 30:30 - Reconnaissance overview 34:30 - Identifying target to enumerate 36:15 - Using sublist3r to identify subdomains 40:50 - Using crt.sh to identify subdomains 44:45 - Setting up proxy for Burp Suite 46:50 - Enumerating with Burp Suite 1:05:00 - Credential stuffing/password spraying theory/tools 1:13:50 - Using Nikto as a vulnerability scanner 1:16:10 - Enumerating cipher strength 1:18:07 - Using nmap for fingerprinting 1:19:55 - Actively scanning with Burp Suite Pro 1:28:30 - Reviewing Juice Shop 1:31:43 - AMA begins Resource List Juice Shop: github.com/bkimminich/juice-shop#setup bkimminich.gitbooks.io/pwning-owasp-juice-shop/con… OWASP Testing Guides: www.owasp.org/images/1/19/OTGv4.pdf github.com/tanprathan/OWASP-Testing-Checklist Bug Bounties: bugcrowd.com/ hackerone.com/ www.synack.com/red-team/ www.guru99.com/bug-bounty-programs.html Education: www.elearnsecurity.com/course/web_application_pene… portswigger.net/web-security www.giac.org/certification/web-application-penetra… www.amazon.com/Web-Application-Hackers-Handbook-Ex… ❓Info❓ ___________________________________________ Hire me: tcm-sec.com/ Course info: www.thecybermentor.com/zero-t... Contact (professional inquiries only, please): [email protected] 📱Social Media📱 ___________________________________________ Website: thecybermentor.com/ Twitter: twitter.com/thecybermentor Twitch: www.twitch.tv/thecybermentor Discord: discord.gg/REfpPJB LinkedIn: www.linkedin.com/in/heathadams 💸Donate💸 ___________________________________________ Like the channel? Please consider supporting me on Patreon: www.patreon.com/thecybermentor Support the stream (one-time): streamlabs.com/thecybermentor
5 سال پیش در تاریخ 1398/05/23 منتشر شده است.
327,964 بـار بازدید شده
... بیشتر