Ethical Hacking 101: Web App Penetration Testing - a full course for beginners
HTML-код
- Опубликовано: 9 май 2024
- Learn web application penetration testing from beginner to advanced. This course is perfect for people who are interested in cybersecurity or ethical hacking.
⭐️Resources⭐️
🔗Burp Suite: portswigger.net/burp
🔗WAFW00F: github.com/EnableSecurity/waf...
🔗OWASP SAP: www.zaproxy.org/
🔗Metasploit: github.com/rapid7/metasploit-...
🔗Kali Linux: www.kali.org/downloads/
🔗OWASP Juice Shop www.owasp.org/index.php/OWASP...
🔗Damn Vulnerable Web Application (DVWA): www.dvwa.co.uk/
🔗 HackerSploit Website: hsploit.com/
⭐️Course Contents⭐️
⌨️(0:00:00) Setting Up Burp Suite
⌨️(0:08:07) Spidering & DVWA
⌨️(0:19:04) Brute Force Attacks With Burp Suite
⌨️(0:32:55) Target Scope And Spidering
⌨️(0:46:32) Discovering Hidden Files With ZAP
⌨️(1:04:24) Web Application Firewall Detection with WAFW00F
⌨️(1:12:28) DirBuster
⌨️(1:25:27) XSS(Reflected, Stored & DOM)
⌨️(1:41:22) CSRF (Cross Site Request Forgery)
⌨️(2:02:42) Cookie Collection & Reverse Engineering
⌨️(2:14:17) HTTP Attributes (Cookie Stealing)
⌨️(2:27:48) SQL Injection
Course created by HackerSploit. Check out the HackerSploit RUclips channel: / hackersploit
--
Learn to code for free and get a developer job: www.freecodecamp.org
Read hundreds of articles on programming: medium.freecodecamp.org
I am overwhelmed by the value this channel offers
this channel is a goldmine of knowledge
Same here.
This is from hackersploit, search it up
I'm watching this nearly after 2 years
but it is still much more informative 👍
This is really amazing to hear hackersploit voice.
This guy is not only knowledgeable and a good teacher... he's extremely funny too....
This is so helpful. Thanks a ton!
NOTE:
Anyone who is having trouble with connecting metasploitable with browser in kali
1) go to the metasploitable network settings in your hypervisor( virtual machine monitor or VMM) like virtual box
2) change to the adapter from NAT to Bridge
thats all
like so more people can see it
Though bridge gives an easier option to setting the network..but I would prefer you use host network ..it does the same but it has an added advantage..it doesn’t expose your vms to other people on the internet only your host can access them…bridge exposes your vms to other people on the network
Thinks bro u are great ❤️
@@nathanielahaohello, I’m stuck, can we communicate please?
no i dont think opening metasploitable as bridged is safe for your home network
Thank you a lot for the content, I appreciate a lot you taking the time to pass your knowledge forward
Thank you very much
hackerlouis05 on Instagram is the best when it comes to hacking
He's services are fast and legit and he doesn't charge much
sorry to be so offtopic but does anybody know of a tool to log back into an Instagram account??
I was stupid lost my login password. I would appreciate any assistance you can give me
Amazing I learn a lot from this video thanks for sharing this knowledge with us on RUclips.
Wonderful explanation
All doubts cleared and feel confident.
Sick cant wait to dive into this!
3 years later and you're still getting views and comments bro. I absolutely love your content. Helps me out a great deal as a beginner in pentesting. Love the subject a great deal
Yes
yes your right
That's how RUclips works
Please i heard in the video you have a special course about web application penetration testing with ZAp not burp suite. As Zap is being touted as a very massive tool, you can hardly find detailed resources on it. Everyone seems to be talking about Burp suite especially the pro version. So please if you could kindly direct me to the course, I would mostly appreciate it
love this guy no nonsense tutorials thanks bro
Thank you Tesfay. Such a great video for study purpose.
This covers the material clearly and thoroughly. Thanks!
loving it, very helpful
i like your tutorials ...continue please.
I love this org and youtube channel
Excellent teaching man it's very easy to understand ♥️
L
In the business for a while and was just curious. Well explained and presented. Cheers.
As someone in the field, would you advice me to take this course? Is there an important gap between the content of this course and real work or is it very close please? (I am a complete beginner in cybersecurity)
@@ThisIsAli_Off i would like to know this too
@@ThisIsAli_Off I don't think you can simply watch 2 hours of video and suddenly become a professional. Especially not with computer given the huge amount of things to learn
@@whannabi Yup, this is especially true for cybersecurity. Every time I think I start "mastering" the basics, I discover a totally new topic that I don't know anything about. It can be very intimidating to start cybersec when you see how large the field is and how hard it is.
how great you are man! i salute you. you make me believe!
So nice explanation sir it's really nice the world's best teacher
even tho u speak faster but u still one of my best teacher. bless u
You rock!! Good stuff right here!!!!!
Super helpful content...Thanks so much!
I liked the video as soon as I heard his voice.
really helpful video for bigginer
Thank you so much Sir !!! You're a great Teacher! Be blessed!
doing this. been wanting this for a long time
Great video in which you have really given a lot of effort to explain everything in detail.
I have a question about the DirBuster is there a way to get a list from a cloud instead of a local computer?
regards
-- Danny
Awesome content and explanation... Got to know so many things
Complete TOR anonymity tutorials using TAILS, WHONIX and KODACHI linux ruclips.net/video/zgvUjto8J6k/видео.html
This is really awesome
This is amazing stuff for beginners. Thank You
"really really really really really really really really really really " "all good stuff"
Hey Hashim! Do I need to learn anything prior for this course? And where can learn it (paid/free). Thanks
@@parmeet8455 depends on your study background.
Most Wanted video
Thanks Brother .....its very useful to me
thank you so much for this video, makes everything so clear : thank you!
omg! this is an awesome video. 3 hours? yep. the longest video i ever seen.
Check out start hacking today
Please during the course, i heard you had a seperate tutorial on the use of ZAp for web applications testing. I ask this because everyone seems to be leaning towards burp suite pro and there are hardly any tutorials out there except yours at least which cover zap in detail for web app pen testing. Please if you would kindly direct me to that tutorial i would appreciate it.
This is really helpfull video for us kindly upload video for ethical hacking on desktops application thanks
So easy to follow thx
Thank you from Melbourne Australia
Brilliant, thank you 👍
nice and recommended indeed bravo work😍
The first brute force was admin admin. You were rushing through it. Nice job.
Bro can u tell me the best websites for learning hacking
@@Powerfulwordsofbible depends on what type of hacking you want to learn. Reverse engineering, binary exploitation, Web_app security, Networking security, Systems admin security, Bug_Bounty. Programming in languages like C, Bash, Python are also needed.
@@bugr33d0_hunter8 i want to become an ethical hacker
I'm at beginning stage
@@Powerfulwordsofbible you need to learn a couple languages before you should do anything else.
Many thanks for this video. DO you have next video in this series?
Thank you, hackersploit! 💕
Stop*
Please make another more advance course for begginers in web pentesting
⌨️(0:00:00) Setting Up Burp Suite
⌨️(0:08:07) Spidering & DVWA
⌨️(0:19:04) Brute Force Attacks With Burp Suite
⌨️(0:32:55) Target Scope And Spidering
⌨️(0:46:32) Discovering Hidden Files With ZAP
⌨️(1:04:24) Web Application Firewall Detection with WAFW00F
⌨️(1:12:28) DirBuster
⌨️(1:25:27) XSS(Reflected, Stored & DOM)
⌨️(1:41:22) CSRF (Cross Site Request Forgery)
⌨️(2:02:42) Cookie Collection & Reverse Engineering
⌨️(2:14:17) HTTP Attributes (Cookie Stealing)
⌨️(2:27:48) SQL Injection
thanks
when I set up proxy, I no longer able to use browser. Error: connection not private. How can I get around this to view the video and use burp suite.
@@ammarbinfaisal salamu aleikum brother, good explaination. Thank you!
The best comment! Thanks!!
@@apackalu2718at least he did it for those who don't check description. And it's helpful 😄
Strong title, great content.
is that video from hackersploit channel cause i heard hackersploit tag in the begening
Yes. We were so excited that Hackersploit gave us permission to post this great course.
@@freecodecamp a1
hackerlouis05 on Instagram is the best when it comes to hacking
He's services are fast and legit and he doesn't charge much
You can skip (2.)Spidering as it's not present in the burpsuite anymore. I think there is something to do with some new laws about crawling but the team is working on a new method implemented in Pro and Community editions with no ETA for now thou.
How do I find someone ip using their phone number
Whats the alternative for spidering then? I'm trying to learn copying this guy as a total beginner.
Thanks for this ❤
Thank you very much!
Youre awesome teacher, can you please do a video on how to find the login username and password for a router gateway url? Please and thank you!!
So explanatory. Thanks alot.
But can one of these methods be used to bypass otp verification code...If you could do a video on that
great way for me to refresh
Amazing video. Thank you so much.
Thanks for explaining the difference between the two but I’m new to cyber security I’m wondering which one to do first the pen-testing or vulnerability scanning? Any advise is welcomed as I’m looking for a book camp after I take a couple of online classes
vulnerability scanning bro
You don't really know what penetration is until one day you find out that there is a back-door on your system that won't let you in!
Hopefully this video will show the way to a better Internet experience!!!
Thank you, many source used money for acces
Hacker Sploit! Love from Israel!
Knowledgeable
you'r awesome man
why so nervous? you do a really nice job explaining bro!
Nice work
To me the ZAP is more user-friendly sir, becos I follow your other video finding useful information by doing the ZAP spiders
Awasome 😍
"really really really really really really really really really really " "all good stuff"
irregardless
First of thank you for the great video!
I just don't understand why you are using two script at 2:22:40 ?
Take a look in JavaScript and html, you'll get it.
Thank u
You need to have pro version of burpsuite right, mine doesnt have few of the important options like spider and all.
list of tools and applications:
dvwa
bwapp
juice shop
owasp zap
dirbuster
Thanks Alexis
the best lesson you need to learn in this tutorial 2:12:25
Is this done on a virtual enviroment?
excellent choice, alexis FTW
thankyou sir
What happened to the spider tab in burp suite? It doesn't seem to exist in burp suite 2020.
thank you very much
I need some CEH-V10 tutorial please..
I am running Kali in VirtualBox. It does not have a button to add an exception. Firefox was probably updated in the newer Kali. Does anyone know how to create the exception a different way?
I had the same problem.But I installed parrot os,and the problem is solved
You can use an usb for runnig kali linux in your pc :)
Good day! What's the name of the next you've made ? cause I couldn't find it .
Do video on mobile app testing (android and IOS )
a wesone but knowledge of socket programming in python is a must
If you want to learn to make a port scanner faster than Nmap here it is: ruclips.net/video/g73Lkv3-MbA/видео.html
@@spyrosdev2533 that video was removed, have you any links/other vids on the subject?
Buen contenido ⭐⭐👋👋
It's saying that the proxy server is refusing the connection on firefox. What should I do now?
Any prerequisites for this course?
Prerequisites please?
Is it legal to use your website to learn along the way with the video ? By letting Burpsuite at it ?
thanks many times
I'm use parrot OS too
This voice i didn't forget.. :D
I get the idea! 😅
you get the idea
Best stuff
hi, thanks for the videos. I have a question at bruteforce. When i go to response/render it shows Unable to render response! Why is this happening? any clue anyone?
I'm going to quite CSGO and start this tutorial from today....
I recommend English lesson first
@@aronpop1447 hahah..
I have 2 questions:
1) What is the purpose of setting the proxy? Why we set the proxy to localhost? Using this proxy I'm not able to reach a web resource.
2) I can't select the checkbox in the App, under the 'Proxy' -> 'Options' -> Running 4:59
Check settings, you can reach everything, proxy is only intercept the request/response
Proxy servers act as a firewall and web filter, provide shared network connections, and cache data to speed up common requests.
People generally use these proxy servers to make the website thing that this ip address didn't visit their site before.
👌👍
I am unable to reset juice shop score..when I start it already has something done ..changed IP .. deleted cookies nothing changes it
I wish you did the video in a better quality, better for our eyes :)
RUclips is still processing. Should get better soon.
@@freecodecamp Thank you! I'll return later to watch it. I look forward to it!
Hello everyone first
Is the software space or cybersecurity better?