Channel | Publish Date | Thumbnail & View Count | Download Video |
---|---|---|---|
Publish Date not found | 0 Views |
So in this video we're going to do something a little different. Instead, I'm going to walk you through a typical pentest and we're going to see where you should use each tool in the Burp Suite.
* How to run Juice Shop on Docker – https://www.youtube.com/watch?vxwcPgeEFnuM
* Juice Shop Heroku – https://juice-shop.herokuapp.com/
0:00 Introduction
0:57 Setup
1:57 Reconnaissance steps
2:16 Application mapping
5:42 Parameter manipulation
9:44 Finding secrets
14:01 Registration/Login process
20:03 Analyzing JWT tokens
23:16 Special message
25:25 Exploiting IDOR
26:21 Burp Intruder workflow
28:06 Advanced intruder settings
33:03 Finding logical errors
37:30 Exploiting logical errors
39:31 Success & homework for you
40:23 Putting it all together (another logical error)
49:26 Stealing Christmas
49:52 How to know you're done
50:50 Conclusion
#infosec #bugbounty #pentesting #hacking #cybersecurity #burpsuite
Please take the opportunity to connect with your friends and family and share this video with them if you find it useful.