TIMESTAMPS ######### Web 00 - Introduction 00:00:00 Web Exploitation Course ######### Web 01 - Introduction to Web Exploitation 00:03:17 Introduction 00:05:37 Clients and Servers 00:07:37 The HTTP Protocol 00:11:47 HTML 00:17:00 CSS 00:18:57 JavaScript and the DOM 00:23:00 Web Applications 00:29:07 Overview so far 00:30:47 HTTP is stateless 00:32:57 On Malicious HTTP requests 00:35:39 Introduction to BurpSuite 00:40:03 Using BurpSuite 00:48:02 A first vulnerability 00:52:42 Conclusion ######### Web 02 - Getting Used to BurpSuite 00:54:32 Introduction 00:55:52 Initial Setup 01:07:57 Installing PortSwigger CA certificate 01:12:12 Starting the web application 01:13:02 Configuring the scope 01:19:22 Proxy interception 01:23:27 Repeater 01:28:12 Decoder 01:30:32 Comparer 01:31:32 Analyzing cookie structure 01:36:32 Intruder 01:40:28 Sequencer 01:41:32 Dashboard 01:43:22 Extensions 01:45:32 Conclusion ######### Web 03 - SQL Injection 01:47:03 Introduction 01:50:18 Databases and Structured Query Language (SQL) 02:03:43 Simple queries 02:09:33 Interpreters 02:14:18 Injections 02:17:45 Example 1 - PHP Snippet 02:25:33 Example 2 - DVWA easy 02:37:13 Example 3 - DVWA medium 02:40:47 Example 4 - SecureBank ######### Web 04 - Directory Traversal 02:48:08 Introduction 02:49:53 Tomcat Setup 02:57:48 Static Web Application 03:02:08 Dynamic Web Application with JSP 03:03:48 Fuzzing with wfuzz to discover parameter 03:07:48 Analyzing the disclosed stacktrace 03:10:53 A simple Directory Traversal 03:16:03 A more complex Directory Traversal 03:20:58 Directory Traversal in SecureBank 03:26:58 Conclusion ######### Web 05 - File Inclusion 03:28:03 Introduction 03:29:55 Example 1 - LFI with JSP 03:46:13 Example 2 - LFI with php 03:57:53 Example 3 - RFI with php 04:03:03 Example 4 - DVWA challenges 04:12:53 Example 5 - Leak source code with php filters ######### Web 06 - File Upload Vulnerabilities 04:17:49 Introduction 04:19:29 Explanation of lab 04:24:11 POST request to upload a file 04:29:29 Reading php code 04:37:49 Solving level 1 04:43:41 Solving level 2 04:47:14 Solving level 3 04:56:31 PortSwigger Academy lab 1 05:00:56 PortSwigger Academy lab 2 05:02:33 PortSwigger Academy lab 3 05:08:27 Conclusion ######### Web 07 - Command Injections 05:09:31 Introduction 05:10:46 Some Intuition on Command Injections 05:16:36 DVWA level low 05:32:06 DVWA level medium 05:38:46 DVWA level high 05:40:34 DVWA level impossible 05:45:26 Port Swigger Lab 1 05:49:26 Port Swigger Lab 2 05:53:26 Port Swigger Lab 3 05:59:06 Conclusion ######### Web 08 - Cross Site Scripting 06:00:07 Introduction 06:03:07 Client-side attacks 06:06:42 Stored XSS - Intuition 06:18:07 Stored XSS - Leaking session cookie 06:25:47 Reflected XSS - Intuition 06:30:27 Reflected XSS - Leaking session cookie 06:33:37 DOM XSS 06:41:32 Review so far 06:43:12 Conclusion ######### Web 09 - Enumeration of Files and Directories 06:45:54 Introduction 06:48:54 Docker lab setup 06:50:34 Intuition on Web Enumeration 06:58:59 Using gobuster 07:02:49 Scenario 1 - Directory Enumeration 07:05:41 Scenario 2 - Files Enumeration 07:09:54 Review so far 07:12:37 Scenario 3 - Custom 404 page 07:18:39 Conclusion ######### Web 10 - Enumeration of Virtual Hosts 07:21:11 Introduction 07:21:56 Docker lab setup 07:24:44 Intuition on virtual hosts 07:30:11 Host header in HTTP requests 07:34:11 Enumeration of virtual hosts 07:38:04 Using gobuster 07:40:21 How to access virtual hosts 07:46:41 Differences between Virtual Hosts and Domain Names 07:49:11 Conclusion ######### Web 11 - Enumeration of Parameters 07:51:16 Introduction 07:53:06 Docker lab 07:56:51 Wfuzz scenario 1 - discovery of parameter name 08:12:26 Wfuzz scenario 2 - discovery of debug parameter 08:15:21 Wfuzz scenario 3 - discovery of parameter value 08:21:46 Insecure Direct Object Reference (IDOR) 08:24:16 Wfuzz scenario 4 - sending requests to burpsuite 08:26:31 Wfuzz scenario 4 - discovery of POST data 08:28:00 Conclusion ######### Web 12 - Brute Force Attacks 08:28:26 Introduction 08:30:50 Scenario 1 - Brute Forcing SSH 08:43:42 Scenario 2 - Brute Forcing FTP 08:48:01 Scenario 3 - Brute Forcing HTTP Basic Auth 08:50:56 Scenario 4 - Brute Forcing DVWA login 08:57:26 Conclusion ######### Web 11 - DNS Zone Transfer Attacks 08:58:16 Introduction 09:01:26 Difference between VHOST and DNS 09:06:11 What is a DNS zone transfer? 09:07:51 DNS zone transfer in practice 09:12:31 Final Overview 09:14:16 Conclusion copied from description for ease of use!
Thank you so much, in the following days I will take the time to fix the timestamps so that they can be used directly within the player. Appreciate this!
Sir, im only 35minutes in and you officially are my first mentor... the way you explain things so simply to beginners is MAGICAL ... although i already knew some things before but you reintroduced them to me in a new amazing way.... please never stop teaching us ur ways we need people like you !!
A thousand and one likes man. I love the pace if your teaching. I'm a complete newbie, but your coverage of the concepts, has drawn me to study with this course. +1 Sub
For following this series it is required to have a basic understanding of network protocols. In the future content like that is planned, as of right now however I’m focusing on the windows privilege escalation series
its probably a configuration of your browser. Typically they dont proxy traffic from localhost. You can either disable it with the appropriate command line (I show this at the beginning of the web exploitation series where I talk about burpsuite), or you can configure a custom entry in your /etc/hosts that points to 127.0.0.1, like say “example 127.0.0.1”, so that when you go to example it will actually proxy the traffic
Hi hexdump I really want to setup my tomcat like yours but I can't and files are different coz you are using tomcat version 8 and it's version 10 can you make video of how to setup version 10
I would say it requires minimal knowledge of the web and the http protocol, but in terms of penetration testing concepts yea, complete beginners can follow
sort of yeah, if u study well all these concepts, then you are ready for OSCP in terms of the web part. I specifically considered OSCP requirements while making this series. And for the rest, well, this plays as a very strong foundation, so if you study all the modules well, then you can learn the stuff that is not here much much easier because of a strong background.
The material is all online, you can find it at the following repo github.com/LeonardoE95/yt-en For each lecture theres a link to the material. I need to copy it over into the OSCP repository. But technically its already online, just on the yt-en repo. Btw, you have to check the materials of the individual videos of the series (those with Web Exploitation in the playlist, the full video right now has no material).
Using Arch as Linux distro, with Emacs running as main editor and tiling window manager with exwm. This means that most windows you see are from Emacs.
some basic knowledge of networking is required, but other than that I try to build intuition over all the various idea that go into web exploitation. I’m particularly interested in beginners feedback, so if you find something too complex just write in the comments and I will take a note, so maybe in the future I can explain things better Good luck!
@@hexdump1337 I'm good at intermediate CTF and network exploitation but I didn't go deep into the web application pentesting and trying to learn at least essentials and then practice.
@hexdump1337 as a non-native speaker your accent is perfect for me , you spell very clearly and with good pace , I understand every word that you are saying and enjoy this at the same time, thank you and keep going
@@hexdump1337 🤣😂 yes, well I am Indian, and we are known for our bad accent, so I will learn some other accent and that would be the Italian accent, American accent is bull shit.
TIMESTAMPS
######### Web 00 - Introduction
00:00:00 Web Exploitation Course
######### Web 01 - Introduction to Web Exploitation
00:03:17 Introduction
00:05:37 Clients and Servers
00:07:37 The HTTP Protocol
00:11:47 HTML
00:17:00 CSS
00:18:57 JavaScript and the DOM
00:23:00 Web Applications
00:29:07 Overview so far
00:30:47 HTTP is stateless
00:32:57 On Malicious HTTP requests
00:35:39 Introduction to BurpSuite
00:40:03 Using BurpSuite
00:48:02 A first vulnerability
00:52:42 Conclusion
######### Web 02 - Getting Used to BurpSuite
00:54:32 Introduction
00:55:52 Initial Setup
01:07:57 Installing PortSwigger CA certificate
01:12:12 Starting the web application
01:13:02 Configuring the scope
01:19:22 Proxy interception
01:23:27 Repeater
01:28:12 Decoder
01:30:32 Comparer
01:31:32 Analyzing cookie structure
01:36:32 Intruder
01:40:28 Sequencer
01:41:32 Dashboard
01:43:22 Extensions
01:45:32 Conclusion
######### Web 03 - SQL Injection
01:47:03 Introduction
01:50:18 Databases and Structured Query Language (SQL)
02:03:43 Simple queries
02:09:33 Interpreters
02:14:18 Injections
02:17:45 Example 1 - PHP Snippet
02:25:33 Example 2 - DVWA easy
02:37:13 Example 3 - DVWA medium
02:40:47 Example 4 - SecureBank
######### Web 04 - Directory Traversal
02:48:08 Introduction
02:49:53 Tomcat Setup
02:57:48 Static Web Application
03:02:08 Dynamic Web Application with JSP
03:03:48 Fuzzing with wfuzz to discover parameter
03:07:48 Analyzing the disclosed stacktrace
03:10:53 A simple Directory Traversal
03:16:03 A more complex Directory Traversal
03:20:58 Directory Traversal in SecureBank
03:26:58 Conclusion
######### Web 05 - File Inclusion
03:28:03 Introduction
03:29:55 Example 1 - LFI with JSP
03:46:13 Example 2 - LFI with php
03:57:53 Example 3 - RFI with php
04:03:03 Example 4 - DVWA challenges
04:12:53 Example 5 - Leak source code with php filters
######### Web 06 - File Upload Vulnerabilities
04:17:49 Introduction
04:19:29 Explanation of lab
04:24:11 POST request to upload a file
04:29:29 Reading php code
04:37:49 Solving level 1
04:43:41 Solving level 2
04:47:14 Solving level 3
04:56:31 PortSwigger Academy lab 1
05:00:56 PortSwigger Academy lab 2
05:02:33 PortSwigger Academy lab 3
05:08:27 Conclusion
######### Web 07 - Command Injections
05:09:31 Introduction
05:10:46 Some Intuition on Command Injections
05:16:36 DVWA level low
05:32:06 DVWA level medium
05:38:46 DVWA level high
05:40:34 DVWA level impossible
05:45:26 Port Swigger Lab 1
05:49:26 Port Swigger Lab 2
05:53:26 Port Swigger Lab 3
05:59:06 Conclusion
######### Web 08 - Cross Site Scripting
06:00:07 Introduction
06:03:07 Client-side attacks
06:06:42 Stored XSS - Intuition
06:18:07 Stored XSS - Leaking session cookie
06:25:47 Reflected XSS - Intuition
06:30:27 Reflected XSS - Leaking session cookie
06:33:37 DOM XSS
06:41:32 Review so far
06:43:12 Conclusion
######### Web 09 - Enumeration of Files and Directories
06:45:54 Introduction
06:48:54 Docker lab setup
06:50:34 Intuition on Web Enumeration
06:58:59 Using gobuster
07:02:49 Scenario 1 - Directory Enumeration
07:05:41 Scenario 2 - Files Enumeration
07:09:54 Review so far
07:12:37 Scenario 3 - Custom 404 page
07:18:39 Conclusion
######### Web 10 - Enumeration of Virtual Hosts
07:21:11 Introduction
07:21:56 Docker lab setup
07:24:44 Intuition on virtual hosts
07:30:11 Host header in HTTP requests
07:34:11 Enumeration of virtual hosts
07:38:04 Using gobuster
07:40:21 How to access virtual hosts
07:46:41 Differences between Virtual Hosts and Domain Names
07:49:11 Conclusion
######### Web 11 - Enumeration of Parameters
07:51:16 Introduction
07:53:06 Docker lab
07:56:51 Wfuzz scenario 1 - discovery of parameter name
08:12:26 Wfuzz scenario 2 - discovery of debug parameter
08:15:21 Wfuzz scenario 3 - discovery of parameter value
08:21:46 Insecure Direct Object Reference (IDOR)
08:24:16 Wfuzz scenario 4 - sending requests to burpsuite
08:26:31 Wfuzz scenario 4 - discovery of POST data
08:28:00 Conclusion
######### Web 12 - Brute Force Attacks
08:28:26 Introduction
08:30:50 Scenario 1 - Brute Forcing SSH
08:43:42 Scenario 2 - Brute Forcing FTP
08:48:01 Scenario 3 - Brute Forcing HTTP Basic Auth
08:50:56 Scenario 4 - Brute Forcing DVWA login
08:57:26 Conclusion
######### Web 11 - DNS Zone Transfer Attacks
08:58:16 Introduction
09:01:26 Difference between VHOST and DNS
09:06:11 What is a DNS zone transfer?
09:07:51 DNS zone transfer in practice
09:12:31 Final Overview
09:14:16 Conclusion
copied from description for ease of use!
Thank you so much, in the following days I will take the time to fix the timestamps so that they can be used directly within the player.
Appreciate this!
Never stop doing these videos because i learn so much from you. Thank you
Oh no worries, this is just the start!
Fr
@@hexdump1337 great bro! killer video on youtube !
Thank God i found this channel, it's pure gold.
Thank you soo much ❤
Sir, im only 35minutes in and you officially are my first mentor... the way you explain things so simply to beginners is MAGICAL ... although i already knew some things before but you reintroduced them to me in a new amazing way.... please never stop teaching us ur ways we need people like you !!
Thank you, this means a lot to me!
I will do my best to help you.
Quality video -- This will be my summer study plan!
The hero we needed
This is what I NEED, a real pentest on a test website.
NOT those long 2hours live then they're just doing recon.
Thank u for letting me know!
In the future will try to bring even more full WAPTs (that is web pentests) on vulnerable apps 👍🏻
You Also need the 33hours cyber sec courses too my friend they are good for more stability in cyber. Yeah this one is short and sweet
@@Kanny-b9v where to watch?
It's a gold mine! Amazing content as always.
The world is better place with people like you, thank you for sharing this informative course
That's precious to hear!
Woh woh woh, wait a sec, this is so awesome. Thank you soo soo much.
A thousand and one likes man. I love the pace if your teaching. I'm a complete newbie, but your coverage of the concepts, has drawn me to study with this course.
+1 Sub
thank you so much!
GODDDD THANKYOU I WILL WATCH IT ALLL !
I haven't watched it but I subscribed and liked this vid. Hoping to watch this on my free time. Thank you for this stuff 😊
Thanks for the trust, I’m sure it’s gonna be useful, in case let me know your feedback!
loved it .. learned a lot ... thank you !
Terrific , amazing, hats off to your efforts 💢❤💥💫
I love the video so much. Thanks a lot for sharing
Great stuff mate. Cheers for some nice videos!
im having a difficult time trying to access some of the web explotation tools
but so far it's going fine thanks for asking
You mean links to the material on github?
just getting started with this course. i will let keep you updated
what text editor do you use to take notes??
Emacs
Very good presentation my man! You are a superb teacher
This is great man, thanks a lot. You have a new follow now 💚
thanks ♥️
Rly nice content, you are very good teacher, very clear and concise explanations. I learn a lot. Thank You for your work.
Sick content brah! Keep it coming
Great video! Keep up the good work. Subscribed.
Thanks!
I always enjoy your content. They all amazing. I wish you could make a video on how to create a custom wordlist for directory and file brute-forcing.
I will take not of the idea and maybe make something in the future! Thanks for the suggestion.
Great video man
Amazign content Pr Leonardo ! Thank you so much for what you do :)
Amazing stuff, many thanks, keep going, best regards
thanks for great content man
3:29:57 Hi I am not able to find the php dir in your repo
3:30:27 Also couldn't find app dir
Update repository, thanks for telling me!
Simply amazing ❤
Thanks this was really helpful.
@hexdump do you have videos on webshells, convering samurai & mutillidae among other tools used for webshell detection, mitigation and prevention?
not yet, however I will take your suggestions for future material, thank you very much for askin!
@@hexdump1337 Much appreciated for your swift response. Would you refer me to someone who can help me prepare for a technical test in webshells?
great work..Thank you
Love your video
Bro this is gold 🥇🥇🥇🥇🥇🥇🥇🥇🥇
Thanks bro ❤ .
what are the pre-requites for this video? I don't have knowledge in networking
For following this series it is required to have a basic understanding of network protocols.
In the future content like that is planned, as of right now however I’m focusing on the windows privilege escalation series
thanks for education sir🙏
i can't find the repo of the securebank to clone and run localy , any help ?
Should be this one, there is a docker deployment
github.com/ssrdio/SecureBank
The Goat@@hexdump1337
Great great great 🔥🔥😍
I can't able see localhost in http history in burpsuite
its probably a configuration of your browser. Typically they dont proxy traffic from localhost. You can either disable it with the appropriate command line (I show this at the beginning of the web exploitation series where I talk about burpsuite), or you can configure a custom entry in your /etc/hosts that points to 127.0.0.1, like say “example 127.0.0.1”, so that when you go to example it will actually proxy the traffic
Thank you.
bro 9 hours this is a goldmine
I tried to fill all these hours with meaningful content, I hope you get something out of it!
Its just amazing
how to download the tomcat directory you have
From here archive.apache.org/dist/tomcat/
why this video have only 21K views.....very awesome lecture bro pls keep doing
Thanks!
Hopefully more people will be able to learn from it!
Hi hexdump I really want to setup my tomcat like yours but I can't and files are different coz you are using tomcat version 8 and it's version 10 can you make video of how to setup version 10
Did you try "wget dlcdn.apache.org/tomcat/tomcat-10/v10.1.26/bin/apache-tomcat-10.1.26.tar.gz" ? The directory structure seems similar to me.
nice video, learned docker thanks to you !, suggest best free cyber security certification.
Hey Leo, awesome video!!
What is your terminal setup? Is this like a terminal emulator extension of Emacs or something?
Yes, it is called vterm, it is a library which is integrated within an emacs lisp package!
Thanks for the feedback
What app using to show this notes in terminal please answer
Emacs! I made a video about it already
sir is this course for complete beginners?
is this an web exploitation same as web penetration testing ?
I would say it requires minimal knowledge of the web and the http protocol, but in terms of penetration testing concepts yea, complete beginners can follow
@@hexdump1337 thankyou so much ❤
Cool one
thumpsup! 😃
Thank you for the video
I have a question, please
Are these topics cover some certifications content?
Like what you did with OSCP?!
sort of yeah, if u study well all these concepts, then you are ready for OSCP in terms of the web part. I specifically considered OSCP requirements while making this series.
And for the rest, well, this plays as a very strong foundation, so if you study all the modules well, then you can learn the stuff that is not here much much easier because of a strong background.
started today
I need my certification please
when will u upload the notes on ur github?
The material is all online, you can find it at the following repo
github.com/LeonardoE95/yt-en
For each lecture theres a link to the material.
I need to copy it over into the OSCP repository. But technically its already online, just on the yt-en repo.
Btw, you have to check the materials of the individual videos of the series (those with Web Exploitation in the playlist, the full video right now has no material).
@@hexdump1337 thnx
what os are you using, and how you move between workspace ❤ love your videos 😊
Using Arch as Linux distro, with Emacs running as main editor and tiling window manager with exwm. This means that most windows you see are from Emacs.
cheers!
I wish you could do one on how to create custom wordlist
Just write your desire password in word documents that is your world list
Is this beginner-friendly?
some basic knowledge of networking is required, but other than that I try to build intuition over all the various idea that go into web exploitation.
I’m particularly interested in beginners feedback, so if you find something too complex just write in the comments and I will take a note, so maybe in the future I can explain things better
Good luck!
@@hexdump1337 I'm good at intermediate CTF and network exploitation but I didn't go deep into the web application pentesting and trying to learn at least essentials and then practice.
Let's see how it goes i've just started the video
lemme know!
Gold
keep it up
Man i love your accent am trying to concentrate but the accent i love it 🤣🤣🤣🤣🤣🤣🤣🤣
Hope its not too distracting 👍🏻
@hexdump1337 as a non-native speaker your accent is perfect for me , you spell very clearly and with good pace , I understand every word that you are saying and enjoy this at the same time, thank you and keep going
well I am here just for your accent !
Can you tell I am italian? 😂
@@hexdump1337 🤣😂 yes, well I am Indian, and we are known for our bad accent, so I will learn some other accent and that would be the Italian accent, American accent is bull shit.
@@hexdump1337 yeah, it's obvious
@@hexdump1337 dont know why i feel the 2 accent kind of similar 😂
2:05:18
Parli inglese da dio! Ce l hai anche in ita il corso?
Here you can find it in italian: ua-cam.com/video/GOMR5bS3c2w/v-deo.html
Jeramie Inlet
be regular
porcoddio se si sente l’accento 😂
Ovviamente qualità assurda grande bro 🇮🇹🇮🇹🇮🇹🇮🇹
cant hide where you come from 🤣
Sir i am not abel to understand your voice please talk slowly
Where specifically, can you give me a timestamp?
bro decrease the playback speed...
Bhai pranayam Kara kar
Isse slow bolega to janta so jaegi
Perfect video for advance dev