Ethical Hacking 101: Web App Penetration Testing - a full course for beginners
Learn web application penetration testing from beginner to advanced. This course is perfect for people who are interested in cybersecurity or ethical hacking.
⭐️Resources⭐️
🔗Burp Suite: portswigger.net/burp
🔗WAFW00F: github.com/EnableSecurity/waf...
🔗OWASP SAP: www.zaproxy.org/
🔗Metasploit: github.com/rapid7/metasploit-...
🔗Kali Linux: www.kali.org/downloads/
🔗OWASP Juice Shop www.owasp.org/index.php/OWASP...
🔗Damn Vulnerable Web Application (DVWA): www.dvwa.co.uk/
🔗 HackerSploit Website: hsploit.com/
⭐️Course Contents⭐️
⌨️(0:00:00) Setting Up Burp Suite
⌨️(0:08:07) Spidering & DVWA
⌨️(0:19:04) Brute Force Attacks With Burp Suite
⌨️(0:32:55) Target Scope And Spidering
⌨️(0:46:32) Discovering Hidden Files With ZAP
⌨️(1:04:24) Web Application Firewall Detection with WAFW00F
⌨️(1:12:28) DirBuster
⌨️(1:25:27) XSS(Reflected, Stored & DOM)
⌨️(1:41:22) CSRF (Cross Site Request Forgery)
⌨️(2:02:42) Cookie Collection & Reverse Engineering
⌨️(2:14:17) HTTP Attributes (Cookie Stealing)
⌨️(2:27:48) SQL Injection
Course created by HackerSploit. Check out the HackerSploit KZread channel: / hackersploit
--
Learn to code for free and get a developer job: www.freecodecamp.org
Read hundreds of articles on programming: medium.freecodecamp.org
Пікірлер: 588
I am overwhelmed by the value this channel offers
@shibafundamentado1837
Жыл бұрын
this channel is a goldmine of knowledge
@ShahrinRahman
Жыл бұрын
Same here.
@theyellowflash100
Жыл бұрын
This is from hackersploit, search it up
NOTE: Anyone who is having trouble with connecting metasploitable with browser in kali 1) go to the metasploitable network settings in your hypervisor( virtual machine monitor or VMM) like virtual box 2) change to the adapter from NAT to Bridge thats all like so more people can see it
@nathanielahao
2 жыл бұрын
Though bridge gives an easier option to setting the network..but I would prefer you use host network ..it does the same but it has an added advantage..it doesn’t expose your vms to other people on the internet only your host can access them…bridge exposes your vms to other people on the network
@dhananjaykumar687
Жыл бұрын
Thinks bro u are great ❤️
@Fairouznajib
4 ай бұрын
@@nathanielahaohello, I’m stuck, can we communicate please?
@PCs454
Ай бұрын
no i dont think opening metasploitable as bridged is safe for your home network
This guy is not only knowledgeable and a good teacher... he's extremely funny too....
⌨️(0:00:00) Setting Up Burp Suite ⌨️(0:08:07) Spidering & DVWA ⌨️(0:19:04) Brute Force Attacks With Burp Suite ⌨️(0:32:55) Target Scope And Spidering ⌨️(0:46:32) Discovering Hidden Files With ZAP ⌨️(1:04:24) Web Application Firewall Detection with WAFW00F ⌨️(1:12:28) DirBuster ⌨️(1:25:27) XSS(Reflected, Stored & DOM) ⌨️(1:41:22) CSRF (Cross Site Request Forgery) ⌨️(2:02:42) Cookie Collection & Reverse Engineering ⌨️(2:14:17) HTTP Attributes (Cookie Stealing) ⌨️(2:27:48) SQL Injection
@RavindraKumarSG
5 жыл бұрын
thanks
@faithunitedministries282
5 жыл бұрын
when I set up proxy, I no longer able to use browser. Error: connection not private. How can I get around this to view the video and use burp suite.
@anonymuser6873
5 жыл бұрын
@@ammarbinfaisal salamu aleikum brother, good explaination. Thank you!
@gtssenna
4 жыл бұрын
The best comment! Thanks!!
@vinayjain322
Жыл бұрын
@@apackalu2718at least he did it for those who don't check description. And it's helpful 😄
3 years later and you're still getting views and comments bro. I absolutely love your content. Helps me out a great deal as a beginner in pentesting. Love the subject a great deal
@vilanstrikegaming5114
2 жыл бұрын
Yes
@roshanhussain2911
2 жыл бұрын
yes your right
@EduardoRodrigues-ev7ej
Жыл бұрын
That's how KZread works
@chukwudiudennaka7521
8 ай бұрын
Please i heard in the video you have a special course about web application penetration testing with ZAp not burp suite. As Zap is being touted as a very massive tool, you can hardly find detailed resources on it. Everyone seems to be talking about Burp suite especially the pro version. So please if you could kindly direct me to the course, I would mostly appreciate it
I'm watching this nearly after 2 years but it is still much more informative 👍
This is really amazing to hear hackersploit voice.
This is so helpful. Thanks a ton!
Wonderful explanation All doubts cleared and feel confident.
Amazing I learn a lot from this video thanks for sharing this knowledge with us on KZread.
Thank you a lot for the content, I appreciate a lot you taking the time to pass your knowledge forward Thank you very much
@jessicahsmith4815
3 жыл бұрын
hackerlouis05 on Instagram is the best when it comes to hacking He's services are fast and legit and he doesn't charge much
@omarifinn9987
2 жыл бұрын
sorry to be so offtopic but does anybody know of a tool to log back into an Instagram account?? I was stupid lost my login password. I would appreciate any assistance you can give me
love this guy no nonsense tutorials thanks bro
Sick cant wait to dive into this!
Thank you Tesfay. Such a great video for study purpose.
I love this org and youtube channel
This covers the material clearly and thoroughly. Thanks!
Thank you so much Sir !!! You're a great Teacher! Be blessed!
Super helpful content...Thanks so much!
Excellent teaching man it's very easy to understand ♥️
@emkt3659
Жыл бұрын
L
In the business for a while and was just curious. Well explained and presented. Cheers.
@ThisIsAli_Off
2 жыл бұрын
As someone in the field, would you advice me to take this course? Is there an important gap between the content of this course and real work or is it very close please? (I am a complete beginner in cybersecurity)
@nosmokeweed1888
2 жыл бұрын
@@ThisIsAli_Off i would like to know this too
@whannabi
Жыл бұрын
@@ThisIsAli_Off I don't think you can simply watch 2 hours of video and suddenly become a professional. Especially not with computer given the huge amount of things to learn
@ThisIsAli_Off
Жыл бұрын
@@whannabi Yup, this is especially true for cybersecurity. Every time I think I start "mastering" the basics, I discover a totally new topic that I don't know anything about. It can be very intimidating to start cybersec when you see how large the field is and how hard it is.
loving it, very helpful
is that video from hackersploit channel cause i heard hackersploit tag in the begening
@freecodecamp
5 жыл бұрын
Yes. We were so excited that Hackersploit gave us permission to post this great course.
@younessihem7979
3 жыл бұрын
@@freecodecamp a1
@jessicahsmith4815
3 жыл бұрын
hackerlouis05 on Instagram is the best when it comes to hacking He's services are fast and legit and he doesn't charge much
So nice explanation sir it's really nice the world's best teacher
i like your tutorials ...continue please.
I liked the video as soon as I heard his voice.
how great you are man! i salute you. you make me believe!
Thanks Brother .....its very useful to me
thank you so much for this video, makes everything so clear : thank you!
Great video in which you have really given a lot of effort to explain everything in detail. I have a question about the DirBuster is there a way to get a list from a cloud instead of a local computer? regards -- Danny
You rock!! Good stuff right here!!!!!
doing this. been wanting this for a long time
Awesome content and explanation... Got to know so many things
@aalphaas7719
2 жыл бұрын
Complete TOR anonymity tutorials using TAILS, WHONIX and KODACHI linux kzread.info/dash/bejne/rJuqt8ytn5uwZs4.html
Thank you from Melbourne Australia
This is amazing stuff for beginners. Thank You
@user-kx1le7yn1k
3 жыл бұрын
"really really really really really really really really really really " "all good stuff"
@parmeet8455
3 жыл бұрын
Hey Hashim! Do I need to learn anything prior for this course? And where can learn it (paid/free). Thanks
@hashimjaved7416
3 жыл бұрын
@@parmeet8455 depends on your study background.
even tho u speak faster but u still one of my best teacher. bless u
really helpful video for bigginer
This is really awesome
omg! this is an awesome video. 3 hours? yep. the longest video i ever seen.
@sul3y
5 жыл бұрын
Check out start hacking today
So easy to follow thx
Brilliant, thank you 👍
This is really helpfull video for us kindly upload video for ethical hacking on desktops application thanks
Most Wanted video
You don't really know what penetration is until one day you find out that there is a back-door on your system that won't let you in! Hopefully this video will show the way to a better Internet experience!!!
Thank you, hackersploit! 💕
@lljw9455
Жыл бұрын
Stop*
Please make another more advance course for begginers in web pentesting
list of tools and applications: dvwa bwapp juice shop owasp zap dirbuster
nice and recommended indeed bravo work😍
Strong title, great content.
Please during the course, i heard you had a seperate tutorial on the use of ZAp for web applications testing. I ask this because everyone seems to be leaning towards burp suite pro and there are hardly any tutorials out there except yours at least which cover zap in detail for web app pen testing. Please if you would kindly direct me to that tutorial i would appreciate it.
The first brute force was admin admin. You were rushing through it. Nice job.
@Powerfulwordsofbible
4 жыл бұрын
Bro can u tell me the best websites for learning hacking
@bugr33d0_hunter8
4 жыл бұрын
@@Powerfulwordsofbible depends on what type of hacking you want to learn. Reverse engineering, binary exploitation, Web_app security, Networking security, Systems admin security, Bug_Bounty. Programming in languages like C, Bash, Python are also needed.
@Powerfulwordsofbible
4 жыл бұрын
@@bugr33d0_hunter8 i want to become an ethical hacker
@Powerfulwordsofbible
4 жыл бұрын
I'm at beginning stage
@queefstroganoff2643
3 жыл бұрын
@@Powerfulwordsofbible you need to learn a couple languages before you should do anything else.
What happened to the spider tab in burp suite? It doesn't seem to exist in burp suite 2020.
"really really really really really really really really really really " "all good stuff"
@AP-rv6kk
3 жыл бұрын
irregardless
Thank you very much!
Many thanks for this video. DO you have next video in this series?
I am running Kali in VirtualBox. It does not have a button to add an exception. Firefox was probably updated in the newer Kali. Does anyone know how to create the exception a different way?
@ajith1804
5 жыл бұрын
I had the same problem.But I installed parrot os,and the problem is solved
@zyrox347
4 жыл бұрын
You can use an usb for runnig kali linux in your pc :)
Is this done on a virtual enviroment?
You can skip (2.)Spidering as it's not present in the burpsuite anymore. I think there is something to do with some new laws about crawling but the team is working on a new method implemented in Pro and Community editions with no ETA for now thou.
@splashkid8410
3 жыл бұрын
How do I find someone ip using their phone number
@Nick-vd7cg
11 ай бұрын
Whats the alternative for spidering then? I'm trying to learn copying this guy as a total beginner.
Finally ! Something with PARROT OS, There is no books available about parrot os. 😢
@asmerdam5126
3 жыл бұрын
Thank you so much for this video! I really appreciate, I was referred by Ted, he helped me throughout the whole process with no extra cost. This is my referral as promised mx076 on wickr or telegram.
@michealsmith9150
3 жыл бұрын
@@asmerdam5126 thanks alot for sharing this!
@michealjames166
3 жыл бұрын
@@asmerdam5126 just contacted him! hoping for the best
Thanks for explaining the difference between the two but I’m new to cyber security I’m wondering which one to do first the pen-testing or vulnerability scanning? Any advise is welcomed as I’m looking for a book camp after I take a couple of online classes
@kalakotibrahmateja5917
Жыл бұрын
vulnerability scanning bro
great way for me to refresh
Thanks for this ❤
This voice i didn't forget.. :D
@noahrodriguez4560
3 жыл бұрын
I get the idea! 😅
You need to have pro version of burpsuite right, mine doesnt have few of the important options like spider and all.
Youre awesome teacher, can you please do a video on how to find the login username and password for a router gateway url? Please and thank you!!
hi, thanks for the videos. I have a question at bruteforce. When i go to response/render it shows Unable to render response! Why is this happening? any clue anyone?
Thank you, many source used money for acces
I am unable to reset juice shop score..when I start it already has something done ..changed IP .. deleted cookies nothing changes it
why there is no spider branch on latest version of burp suite
So explanatory. Thanks alot. But can one of these methods be used to bypass otp verification code...If you could do a video on that
Good day! What's the name of the next you've made ? cause I couldn't find it .
It's saying that the proxy server is refusing the connection on firefox. What should I do now?
do the proxy settings have to be the same as the video above
Any prerequisites for this course?
Hello, how can i get firewall name and version, tried wawoof, but its giving a wrong name. any other way?
thank you very much
Awasome 😍
To me the ZAP is more user-friendly sir, becos I follow your other video finding useful information by doing the ZAP spiders
you'r awesome man
Buen contenido ⭐⭐👋👋
Is it legal to use your website to learn along the way with the video ? By letting Burpsuite at it ?
excellent choice, alexis FTW
I'm going to quite CSGO and start this tutorial from today....
@aronpop1447
5 жыл бұрын
I recommend English lesson first
@xitijdesai
5 жыл бұрын
@@aronpop1447 hahah..
pause at 1:25:27 and shake your screen (if you are on your phone).
First of thank you for the great video! I just don't understand why you are using two script at 2:22:40 ?
@anupamjaiswal7714
3 жыл бұрын
Take a look in JavaScript and html, you'll get it.
Nice work
46:32 timestamp for me
@mozart0
2 жыл бұрын
It's been 6 months ago..how is it going? Was the information in the video outdated?
@TheDaha
2 жыл бұрын
@@mozart0 nobody ever rep loss for updates lol
why so nervous? you do a really nice job explaining bro!
Thank u
Knowledgeable
is it possible for you to create new playlist of cyber security because course is too old and lot have changed
Prerequisites please?
I need some CEH-V10 tutorial please..
after setting up burpsuite it is not showing any http history upon opening burpsuite is said i am using JRE version 11.0.1 progrom may not run properly .....Help?...
this better not be illegal i woke up to this video
I have 2 questions: 1) What is the purpose of setting the proxy? Why we set the proxy to localhost? Using this proxy I'm not able to reach a web resource. 2) I can't select the checkbox in the App, under the 'Proxy' -> 'Options' -> Running 4:59
@playmaker1011
5 жыл бұрын
Check settings, you can reach everything, proxy is only intercept the request/response
@ganeshprasad9851
3 жыл бұрын
Proxy servers act as a firewall and web filter, provide shared network connections, and cache data to speed up common requests. People generally use these proxy servers to make the website thing that this ip address didn't visit their site before.
Why I am Missing Spider in my version? currently using v2020.7 i don't see the spider tab?
could one help please, Burp Suite would not open on a new Parrot security 5.3 installation ; also noticed chrome for Linux after freshly installed is behaving the same way and not starting ?
Thanks Alexis
Hacker Sploit! Love from Israel!
thankyou sir