Web App Testing: Episode 1 - Enumeration
0:00 - Introductions/Welcomes
5:47 - whoami
7:25 - Course learning objectives
11:30 - Important TCM resources
14:03 - Web app resources
26:15 - Five stages of ethical hacking
30:30 - Reconnaissance overview
34:30 - Identifying target to enumerate
36:15 - Using sublist3r to identify subdomains
40:50 - Using crt.sh to identify subdomains
44:45 - Setting up proxy for Burp Suite
46:50 - Enumerating with Burp Suite
1:05:00 - Credential stuffing/password spraying theory/tools
1:13:50 - Using Nikto as a vulnerability scanner
1:16:10 - Enumerating cipher strength
1:18:07 - Using nmap for fingerprinting
1:19:55 - Actively scanning with Burp Suite Pro
1:28:30 - Reviewing Juice Shop
1:31:43 - AMA begins
Resource List
Juice Shop:
https://github.com/bkimminich/juice-shop#setup
https://bkimminich. ...
Продолжительность: | 02:33:39 |
Просмотров на youtube: | 63811 |
Youtube: https://www.youtube.com/watch?v=ZBi8Qa9m5c0
Комментарии