ata exposure - 80. Broken access control - 81. Insufficien | Ethical Hacking Tutorials

ata exposure -


80. Broken access control -


81. Insufficient logging and monitoring -



82. XML external entities -


83. Using components with known vulnerabilities -



84. Cross-site scripting -


85. Security misconfiguration -


LUKE BRINER
86. Injection explained -


87. Broken authentication and session management -



88. Cross-site scripting -


89. Insecure direct object reference -


90. Security misconfiguration -


91. Sensitive data exposure -


92. Missing functional level access control -


93. Cross-site request forgery -


94. Components with known vulnerabilities -


95. Unvalidated redirects and forwards -


Phase 6 – Session management testing
96. Bypass authentication using cookie manipulation -


97. Cookie Security Via httponly and secure Flag - OWASP -


98. Penetration testing Cookies basic -


99. Session fixation 1 -


100. Session fixation 2 -


101. Session fixation 3 -


102. Session fixation 4 -


103. CSRF - Cross site request forgery 1 -


104. CSRF - Cross site request forgery 2 -


105. CSRF - Cross site request forgery 3 -


106. CSRF - Cross site request forgery 4 -


107. CSRF - Cross site request forgery 5 -


108. Session puzzling 1 -


109. Admin bypass using session hijacking -



Phase 7 – Bypassing client-side controls
110. What is hidden forms in HTML -


111. Bypassing hidden form fields using tamper data -


112. Bypassing hidden form fields using Burp Suite (Purchase application) -


113. Changing price on eCommerce website using parameter tampering -


114. Understanding cookie in detail -


115. Cookie tampering with tamper data-


116. Cookie tamper part 2 -