Practical Bug Bounty

The Cyber Mentor

https://www.tcm.rocks/KeeperDemo Keeper Security’s next-gen privileged access management solution delivers enterprise-grade password, secrets and privileged connection management in one unified platform. Request a demo on how you can protect your organization against cyber threats with zero-trust Enterprise Password Management (EPM). https://www.tcm.rocks/KeeperDemo

Check out the full Practical Bug Bounty course here: https://www.tcm.rocks/PracticalBugBounty
You can sign up for Intigriti's Program here: https://www.tcm.rocks/IntigritiSignUp

Labs for this video: https://drive.google.com/file/d/1RhCn...

Sponsor a Video: https://www.tcm.rocks/Sponsors
Pentests & Security Consulting: https://tcmsec.com
Get Trained: https://academy.tcmsec.com
Get Certified: https://certifications.tcmsec.com
Merch: https://merch.tcmsec.com

0:00:00 Intro
0:03:00 Keeper Security Sponsorship
0:03:48 Course Introduction
0:10:02 Importance of Web App Security
0:16:26 Web App Security Standards and Best Practices
0:29:57 Bug Bounty Hunting vs Penetration Testing
0:40:16 Phases of a Web App Pentest
0:57:36 CryptoCat Introduction
0:59:19 Understanding Scope, Ethics, Code of Conduct, etc.
1:13:29 Common Scoping Mistakes
1:37:59 Installing VMware / VirtualBox
1:41:14 Installing Linux
1:50:20 Lab Installation
1:57:36 Web Technologies
2:02:14 HTTP & DNS
2:05:47 Fingerprinting Web Technologies
2:18:00 Directory Enumeration and Brute Forcing
2:38:07 Subdomain Enumeration
2:55:43 Burp Suite Overview
3:34:35 Introduction to Authentication
3:36:11 Bruteforce Attacks
3:43:11 Attacking MFA
3:48:38 Authentication Challenge Walkthrough
3:58:38 Intro to Authorization
3:59:48 IDOR - Insecure Direct Object Reference
4:06:15 Introduction to APIs
4:11:04 Broken Access Control
4:19:33 Testing with Autorize
4:27:02 Introduction to LFI/RFI
4:28:39 Local File Inclusion Attacks
4:32:59 Remote File Inclusion Attacks
4:40:37 File Inclusion Challenge Walkthrough
4:45:05 Conclusion

Social Media
___________________________________________
Twitter:   / thecybermentor  
Twitch:   / thecybermentor  
Instagram:   / thecybermentor  
LinkedIn:   / heathadams  
TikTok:   / thecybermentor  
Discord:   / discord  

Donate
___________________________________________
Like the channel? Please consider supporting me on Patreon:
  / thecybermentor  
Support the stream (one-time): https://streamlabs.com/thecybermentor

Hacker Books:
Penetration Testing: A Hands-On Introduction to Hacking: https://amzn.to/31GN7iX
The Hacker Playbook 3: https://amzn.to/34XkIY2
Hacking: The Art of Exploitation: https://amzn.to/2VchDyL
The Web Application Hacker's Handbook: https://amzn.to/30Fj21S
Real-World Bug Hunting: A Field Guide to Web Hacking: https://amzn.to/2V9srOe
Social Engineering: The Science of Human Hacking: https://amzn.to/31HAmVx
Linux Basics for Hackers: https://amzn.to/34WvcXP
Python Crash Course, 2nd Edition: https://amzn.to/30gINu0
Violent Python: https://amzn.to/2QoGoJn
Black Hat Python: https://amzn.to/2V9GpQk

My Build:
LG 32GK850G-B 32" Gaming Monitor: https://amzn.to/30C0qzV
darkFlash Phantom Black ATX Mid-Tower Case: https://amzn.to/30d1UW1
EVGA 2080TI: https://amzn.to/30d2lj7
MSI Z390 MotherBoard: https://amzn.to/30eu5TL
Intel 9700K: https://amzn.to/2M7hM2p
G.SKILL 32GB DDR4 RAM: https://amzn.to/2M638Zb
Razer Nommo Chroma Speakers: https://amzn.to/30bWjiK
Razer BlackWidow Chroma Keyboard: https://amzn.to/2V7A0or
CORSAIR Pro RGB Gaming Mouse: https://amzn.to/30hvg4P
Sennheiser RS 175 RF Wireless Headphones: https://amzn.to/31MOgpu

My Recording Equipment:
Panasonic G85 4K Camera: https://amzn.to/2Mk9vsf
Logitech C922x Pro Webcam: https://amzn.to/2LIRxAp
Aston Origin Microphone: https://amzn.to/2LFtNNE
Rode VideoMicro: https://amzn.to/309yLKH
Mackie PROFX8V2 Mixer: https://amzn.to/31HKOMB
Elgato Cam Link 4K: https://amzn.to/2QlicYx
Elgato Stream Deck: https://amzn.to/2OlchA5

*We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites.

posted by slavarwt