- Thread Starter
- #1
Full-Stack Attacks on Modern Web Applications
Published 12/2023
Created by Dawid Czagan
MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz, 2 Ch
Genre: eLearning | Language: English | Duration: 7 Lectures ( 59m ) | Size: 302 MB
Learn About HTTP Parameter Pollution, Subdomain Takeover, and Advanced Clickjacking
What you'll learn
Dive into full-stack attacks on modern web application
Learn how an attacker can bypass authorization via HTTP parameter pollution
Explore how the attacker can launch a subdomain takeover attack
Discover how the attacker can take over a user's account via clickjacking
Learn step by step how all these attacks work in practice (DEMOS)
Check if your web applications are vulnerable to these attacks
Become a successful penetration tester / red team member / ethical hacker
Learn from one of the top hackers at HackerOne
Requirements
Basic hacking skills
Description
Web application security is not only about XSS and SQL injection. Professional penetration testers and red team members must learn about full-stack attacks on modern web applications and I created this course to help you on this journey. In this course, you will learn about 3 powerful attacks. First, I'll show you how an attacker can bypass authorization via HTTP parameter pollution. Next, I'll present how the attacker can launch a subdomain takeover attack. Finally, I'll demonstrate how the attacker can take over a user's account via clickjacking.** For every single attack presented in this course there is a demo ** so that you can learn step by step how these attacks work in practice. You'll also learn how to check if your web applications are vulnerable to these attacks. I hope this sounds good to you and I can't wait to see you in the class.Case #1: HTTP Parameter Pollution - Part 1Case #1: HTTP Parameter Pollution - Part 2Case #2: Subdomain Takeover - Part 1Case #2: Subdomain Takeover - Part 2Case #3: Account Takeover via Clickjacking - Part 1Case #3: Account Takeover via Clickjacking - Part 2Note: you can get paid for these bugs in bug bounty programs.
Who this course is for
Penetration testers, red team members, ethical hackers, bug hunters, security engineers / consultants
Homepage
Downlad Links
Rapidgator