OWASP Top 10 by the XSS RAT
OWASP Mobile top 10
M1 2016 Improper Platform Usage
M2 2016 Insecure Data Storage
M3 2016 Insecure Communication
M4 2016 Insecure Authentication
M5 2016 Insufficient Cryptography
OWASP API TOP 10
API0 2019 What is an API
API1 2019 Broken Object Level Authorization
API2 2019 Broken User Authentication
API hacking with postman Part 2 - importing the API description
API hacking with postman Part 4 - Getting dirty with data sources
API hacking with postman Part 3 Pre-request scripts, tests and console
API hacking with postman Part 1 - getting the basics down
API-firewall webinar rehearsal
Video: API top 10 - 0 through 3
Video: API top 10 - 4 through 7
Video: API top 10 - 8
Video: API top 10 - 9
A0.2017 Introduction
OWASP Top 10 - Introduction
OWASP Top 10 - Introduction PDF
A1.2017 - Injection
OWASP Top 10 - Injection
OWASP Top 10 - Injection PDF
A1 Injection - Rebuilt
A1.2017 - Injection - Practical
A1. DVWA-OS command injection
A1. Injection - Simple injection
A1. Injection - SQLi
A1. Injections - XXE
A1.Injection - blind command injection
Quiz: A1.2017 Injections
A2.2017 - Broken authentication
OWASP Top 10 - Broken authentication
OWASP Top 10 - Broken authentication PDF
A2.2017 - Broken Authentication - Practical
A2.2017 - Broken Authentication - Demonstrated
DVWA-Broken authentication
A3.2017 - Sensitive data exposure
OWASP Top 10 - Sensitive data exposure
OWASP Top 10 - Sensitive data exposure PDF
A3.2017 - Sensitive data exposure - Practical
A3.2017 - Sensitive information exposure
A3.2017_Sensitive_data_expos201720sensitive20data20exposure
A4.2017 - XXE
OWASP Top 10 - XXE
OWASP Top 10 - XXE PDF
A4.2017 - XXE - Extended
0-Intro
1-what is XXE
2-Finding attack vectors
3-Exploiting
4-WAFs and filters
5-Tools and prevention
A4.2017 - XXE - Practical
XXE is so much more than just .xml
Blind XXE and parameter entities with portswigger burp suite collaborator and labs
Ethical hacking tutorial with Portswigger labs_ XXE
Chaining XXE into SSRF_ PortSwigger labs
4_XML_eXternal_Entities
A5.2017 - Broken Access Control
OWASP Top 10 - Broken Access Control
OWASP Top 10 - Broken Access Control PDF
BAC
BAC - Slides
BAC
A6.2017 - Security misconfigurations
OWASP Top 10 - Security misconfigurations
OWASP Top 10 - Security misconfigurations PDF
A6.2017 - Security misconfigurations - Practical
A6.2017 Security misconfigurations
A7.2017 XSS
OWASP Top 10 - XSS PDF
OWASP Top 10 - XSS
Ultimate XSS guide (1)
Advanced XSS techniques
Testing for reflected XSS
WAF bypass techniques
XSS Filter evasion techniques
DVWA - stored xss
DVWA-Reflected XSS
A8.2017 - Insecure Deserializations
OWASP Top 10 - Insecure Deserializations
OWASP Top 10 - Insecure Deserializations PDF
A9.2017 - Using components with known vulnerabilities
OWASP Top 10 - Using components with known vulnerabilities
OWASP Top 10 - Using components with known vulnerabilities PDF
A9. Exploit-db examples
A10.2017 - Insufficient logging and monitoring
OWASP Top 10 - Insufficient logging and monitoring
OWASP Top 10 - Insufficient logging and monitoring PDF
How do I prevent .. as a developer
A1. How to prevent SQLi
A1. How to prevent OS command injection
A2. How to protect from broken authentication