0:00 - Introduction
1:15 - NordPass Sponsorship
2:10 - Course Overview
3:46 - The OWASP Top 10
14:11 - Installing OWASP Juice Shop
21:00 - Installing Foxy Proxy
23:14 - Exploring Burp Suite
34:42 - Introducing the Score Board
37:33 - SQL Injection Overview
42:45 - SQL Injection Walkthrough
52:52 - SQL Injection Defenses
55:41 - Broken Authentication Attacks and Defenses
1:01:25 - Testing for Broken Authentication
1:09:05 - Sensitive Data Exposure Attacks and Defenses
1:13:58 - Testing for Sensitive Data Exposure
1:22:00 - XML External Entities (XXE) Overview
1:31:54 - XXE Attacks and Defenses
1:39:58 - Broken Access Control Overview
1:43:27 - Broken Access Control Walkthrough
1:47:55 - Security Misconfigurations Overview
1:52:54 - Cross-Site Scripting (XSS) Overview
2:03:27 - Reflected XSS Walkthrough
2:09:50 - Stored XSS Walkthrough
2:16:07 - Preventing XSS
2:19:55 - Insecure Deserialization
2:24:28 - Using Components with Known Vulnerabilities
2:29:06 - Insufficient Logging and Monitoring
2:32:17 - Conclusion
Pentests & Security Consulting: https://tcm-sec.com
Get Trained: https://academy.tcm-sec.com
Get Certified: https://certifications.tcm-sec.com
Merch: https://merch.tcm-sec.com
Social Media
___________________________________________
Twitter: https://twitter.com/thecybermentor
Twitch: https://www.twitch.tv/thecybermentor
Instagram: https://instagram.com/thecybermentor
LinkedIn: https://www.linkedin.com/in/heathadams
TikTok: https://tiktok.com/@thecybermentor
Discord: https://discord.gg/tcm
Hacker Books:
Penetration Testing: A Hands-On Introduction to Hacking: https://amzn.to/31GN7iX
The Hacker Playbook 3: https://amzn.to/34XkIY2
Hacking: The Art of Exploitation: https://amzn.to/2VchDyL
The Web Application Hacker's Handbook: https://amzn.to/30Fj21S
Real-World Bug Hunting: A Field Guide to Web Hacking: https://amzn.to/2V9srOe
Social Engineering: The Science of Human Hacking: https://amzn.to/31HAmVx
Linux Basics for Hackers: https://amzn.to/34WvcXP
Python Crash Course, 2nd Edition: https://amzn.to/30gINu0
Violent Python: https://amzn.to/2QoGoJn
Black Hat Python: https://amzn.to/2V9GpQk
*We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites.