Web App Testing: Episode 1 - Enumeration

0:00 - Introductions/Welcomes 5:47 - whoami 7:25 - Course learning objectives 11:30 - Important TCM resources 14:03 - Web app resources 26:15 - Five stages of ethical hacking 30:30 - Reconnaissance overview 34:30 - Identifying target to enumerate 36:15 - Using sublist3r to identify subdomains 40:50 - Using crt.sh to identify subdomains 44:45 - Setting up proxy for Burp Suite 46:50 - Enumerating with Burp Suite 1:05:00 - Credential stuffing/password spraying theory/tools 1:13:50 - Using Nikto as a vulnerability scanner 1:16:10 - Enumerating cipher strength 1:18:07 - Using nmap for fingerprinting 1:19:55 - Actively scanning with Burp Suite Pro 1:28:30 - Reviewing Juice Shop 1:31:43 - AMA begins Resource List Juice Shop: https://github.com/bkimminich/juice-shop#setup https://bkimminich. ...