Master Web Security: Advanced Attacks & Defense 2024

Focused View

1:48:38

1. Introduction to the Course

1. Introduction.mp4

01:34

2. RCE Attacks and Techniques

1. Remote Command or OS Command Injection Basics.mp4

07:00

2. Blind RCE Injection.mp4

06:13

3. RCE Techniques and Cheat Sheet.mp4

06:12

4. Bypassing RCE Filter.mp4

02:46

3. JSON Hijacking

1. JSON Hijacking Basics.mp4

03:24

2. JSON Hijacking Demo.mp4

04:36

4. Lesser Known XSS Variants

1. mXSS or mutation XSS .mp4

05:25

2. rPO XSS or Relative Path Overwrite XSS.mp4

05:04

5. Server Side Includes Injection (SSI Injection)

1. Server Side Includes Injection Basics.mp4

02:49

2. Server Side Includes Injection Demo.mp4

03:25

6. Server Side Request Forgery (SSRF)

1. Server Side Request Forgery Basics.mp4

02:50

2. Exploiting an SSRF Vulnerability.mp4

07:30

7. Reflected File Download (RFD)

1. Reflected File Download (RFD) Theory.mp4

08:20

2. RFD Attack Explained.mp4

12:00

8. Abusing Window.Opener Property

1. Abusing JavaScripts window.opener property Theory.mp4

04:26

2. Phishing demo by abusing window.opener property .mp4

00:54

9. Same Origin Method Execution (SOME)

SOME Attack with Flash Callback Demo OpSecX.mp4

08:04

SOME Attack with Flash Callback explained OpSecX.mp4

05:17

Same Origin Method Execution Introduction OpSecX.mp4

07:11

Same Origin Policy SOP OpSecX.mp4

03:38

10. Course Materials

1. Course Slides.pdf

2. Source Code.rar

More details

Course Overview
This comprehensive course dives into advanced web security vulnerabilities and attack techniques, equipping you with the knowledge to identify and mitigate lesser-known threats in modern web applications.

What You'll Learn

Advanced RCE techniques and filter bypass methods
Exploiting JSON Hijacking and XSS variants (mXSS/rPO)
Server-side vulnerabilities like SSI Injection and SSRF

Who This Is For

Penetration testers seeking advanced web attack vectors
Web developers focused on security hardening
Bug bounty hunters expanding their vulnerability knowledge

Key Benefits

Hands-on demos of rare attack techniques
Practical cheat sheets for real-world scenarios
Includes course slides and source code for practice

Curriculum Highlights

RCE Attacks: Blind injection to filter bypass
JSON Hijacking & XSS Variants (mXSS/rPO)
SSI Injection, SSRF, and RFD attacks

Focused display

Ethical Hacking

Penetration Testing

language english
Training sessions 21
duration 1:48:38
Release Date 2025/05/27

Courses related to Ethical Hacking

Subtitles

Master Ethical Hacking & Cybersecurity with AI - 2024 Pro Guide

7:30:20

English subtitles

11/19/2024

Master Ethical Hacking: Network Exploits & Defense (2025)

6:58:09

02/01/2025

Ultimate Ethical Hacking Mastery: CEH Pro 2024 Guide

12:03:39

12/23/2024

Courses related to Penetration Testing

Ultimate OT/ICS Cyber Attack Mastery: 2024 Pro Guide

1:12:21

01/15/2025

Master Burp Suite Pro: Advanced Web Penetration Testing 2024

1:50:14

01/13/2025

Master AV Evasion: Bypass Windows Defender Like a Pro (2024)

1:55:54

01/05/2025