+- Softwarez.Info - Software's World! (https://softwarez.info)
+-- Forum: Library Zone (https://softwarez.info/Forum-Library-Zone)
+--- Forum: Video Tutorials (https://softwarez.info/Forum-Video-Tutorials)
+--- Thread: Burp Web Security Academy Apprentice Labs Walkthrough (/Thread-Burp-Web-Security-Academy-Apprentice-Labs-Walkthrough)
Burp Web Security Academy Apprentice Labs Walkthrough - AD-TEAM - 04-11-2025
![[Image: 537368816_que-es-udemy-analisis-opiniones.jpg]](https://img100.pixhost.to/images/404/537368816_que-es-udemy-analisis-opiniones.jpg)
1.64 GB | 5min 35s | mp4 | 1280X720 | 16:9
Genre:eLearning |Language:English
Files Included :
24 - File path traversal simple case.mp4 (37.46 MB)
25 - Unprotected admin functionality.mp4 (15.13 MB)
26 - Unprotected admin functionality with unpredictable URL.mp4 (21.18 MB)
27 - User role controlled by request parameter.mp4 (19.77 MB)
28 - User role can be modified in user profile.mp4 (25.11 MB)
29 - User ID controlled by request parameter.mp4 (25.21 MB)
30 - User ID controlled by request parameter with unpredictable user IDs.mp4 (33.51 MB)
31 - User ID controlled by request parameter with data leakage in redirect.mp4 (20.56 MB)
32 - User ID controlled by request parameter with password disclosure.mp4 (24.63 MB)
33 - Insecure direct object references.mp4 (27.07 MB)
34 - Username enumeration via different responses.mp4 (48.12 MB)
35 - 2FA simple bypass.mp4 (16.98 MB)
36 - Password reset broken logic.mp4 (19.84 MB)
37 - Manipulating WebSocket messages to exploit vulnerabilities.mp4 (23.6 MB)
38 - Modifying serialized objects.mp4 (39.23 MB)
39 - Information disclosure in error messages.mp4 (25.38 MB)
40 - Information disclosure on debug page.mp4 (28.28 MB)
41 - Source code disclosure via backup files.mp4 (23.42 MB)
42 - Authentication bypass via information disclosure.mp4 (32.73 MB)
43 - Excessive trust in clientside controls.mp4 (25.18 MB)
44 - Highlevel logic vulnerability.mp4 (35.1 MB)
45 - Inconsistent security controls.mp4 (16.92 MB)
46 - Flawed enforcement of business rules.mp4 (31.73 MB)
47 - Basic password reset poisoning.mp4 (36.32 MB)
48 - Host header authentication bypass.mp4 (17.07 MB)
49 - Authentication bypass via OAuth implicit flow.mp4 (37.11 MB)
50 - Remote code execution via web shell upload.mp4 (39.94 MB)
51 - Web shell upload via ContentType restriction bypass.mp4 (35.24 MB)
2 - SQL injection vulnerability in WHERE clause allowing retrieval of hidden data.mp4 (56.96 MB)
3 - SQL injection vulnerability allowing login bypass.mp4 (30.32 MB)
52 - JWT authentication bypass via unverified signature.mp4 (42.41 MB)
53 - JWT authentication bypass via flawed signature verification.mp4 (27.89 MB)
10 - Reflected XSS into attribute with angle brackets HTMLencoded.mp4 (36.49 MB)
11 - Stored XSS into anchor href attribute with double quotes HTMLencoded.mp4 (42.72 MB)
12 - Reflected XSS into a JavaScript string with angle brackets HTML encoded.mp4 (34.35 MB)
4 - Reflected XSS into HTML context with nothing encoded.mp4 (31.46 MB)
5 - Stored XSS into HTML context with nothing encoded.mp4 (47.57 MB)
6 - DOM XSS in documentwrite sink using source locationsearch.mp4 (35.09 MB)
7 - DOM XSS in innerHTML sink using source locationsearch.mp4 (23.64 MB)
8 - DOM XSS in jQuery anchor href attribute sink using locationsearch source.mp4 (29.69 MB)
9 - DOM XSS in jQuery selector sink using a hashchange event.mp4 (45.21 MB)
13 - CSRF vulnerability with no defenses.mp4 (42.27 MB)
14 - Basic clickjacking with CSRF token protection.mp4 (49.28 MB)
15 - Clickjacking with form input data prefilled from a URL parameter.mp4 (40.04 MB)
16 - Clickjacking with a frame buster script.mp4 (31.81 MB)
17 - CORS vulnerability with basic origin reflection.mp4 (47.32 MB)
18 - CORS vulnerability with trusted null origin.mp4 (45.46 MB)
19 - Exploiting XXE using external entities to retrieve files.mp4 (32.36 MB)
20 - Exploiting XXE to perform SSRF attacks.mp4 (32.51 MB)
21 - Basic SSRF against the local server.mp4 (35.47 MB)
22 - Basic SSRF against another backend system.mp4 (32.11 MB)
23 - OS command injection simple case.mp4 (24.44 MB)]
Screenshot
![[Image: xmSfaFA6_o.jpg]](https://images2.imgbox.com/86/be/xmSfaFA6_o.jpg)
24 - File path traversal simple case.mp4 (37.46 MB)
25 - Unprotected admin functionality.mp4 (15.13 MB)
26 - Unprotected admin functionality with unpredictable URL.mp4 (21.18 MB)
27 - User role controlled by request parameter.mp4 (19.77 MB)
28 - User role can be modified in user profile.mp4 (25.11 MB)
29 - User ID controlled by request parameter.mp4 (25.21 MB)
30 - User ID controlled by request parameter with unpredictable user IDs.mp4 (33.51 MB)
31 - User ID controlled by request parameter with data leakage in redirect.mp4 (20.56 MB)
32 - User ID controlled by request parameter with password disclosure.mp4 (24.63 MB)
33 - Insecure direct object references.mp4 (27.07 MB)
34 - Username enumeration via different responses.mp4 (48.12 MB)
35 - 2FA simple bypass.mp4 (16.98 MB)
36 - Password reset broken logic.mp4 (19.84 MB)
37 - Manipulating WebSocket messages to exploit vulnerabilities.mp4 (23.6 MB)
38 - Modifying serialized objects.mp4 (39.23 MB)
39 - Information disclosure in error messages.mp4 (25.38 MB)
40 - Information disclosure on debug page.mp4 (28.28 MB)
41 - Source code disclosure via backup files.mp4 (23.42 MB)
42 - Authentication bypass via information disclosure.mp4 (32.73 MB)
43 - Excessive trust in clientside controls.mp4 (25.18 MB)
44 - Highlevel logic vulnerability.mp4 (35.1 MB)
45 - Inconsistent security controls.mp4 (16.92 MB)
46 - Flawed enforcement of business rules.mp4 (31.73 MB)
47 - Basic password reset poisoning.mp4 (36.32 MB)
48 - Host header authentication bypass.mp4 (17.07 MB)
49 - Authentication bypass via OAuth implicit flow.mp4 (37.11 MB)
50 - Remote code execution via web shell upload.mp4 (39.94 MB)
51 - Web shell upload via ContentType restriction bypass.mp4 (35.24 MB)
2 - SQL injection vulnerability in WHERE clause allowing retrieval of hidden data.mp4 (56.96 MB)
3 - SQL injection vulnerability allowing login bypass.mp4 (30.32 MB)
52 - JWT authentication bypass via unverified signature.mp4 (42.41 MB)
53 - JWT authentication bypass via flawed signature verification.mp4 (27.89 MB)
10 - Reflected XSS into attribute with angle brackets HTMLencoded.mp4 (36.49 MB)
11 - Stored XSS into anchor href attribute with double quotes HTMLencoded.mp4 (42.72 MB)
12 - Reflected XSS into a JavaScript string with angle brackets HTML encoded.mp4 (34.35 MB)
4 - Reflected XSS into HTML context with nothing encoded.mp4 (31.46 MB)
5 - Stored XSS into HTML context with nothing encoded.mp4 (47.57 MB)
6 - DOM XSS in documentwrite sink using source locationsearch.mp4 (35.09 MB)
7 - DOM XSS in innerHTML sink using source locationsearch.mp4 (23.64 MB)
8 - DOM XSS in jQuery anchor href attribute sink using locationsearch source.mp4 (29.69 MB)
9 - DOM XSS in jQuery selector sink using a hashchange event.mp4 (45.21 MB)
13 - CSRF vulnerability with no defenses.mp4 (42.27 MB)
14 - Basic clickjacking with CSRF token protection.mp4 (49.28 MB)
15 - Clickjacking with form input data prefilled from a URL parameter.mp4 (40.04 MB)
16 - Clickjacking with a frame buster script.mp4 (31.81 MB)
17 - CORS vulnerability with basic origin reflection.mp4 (47.32 MB)
18 - CORS vulnerability with trusted null origin.mp4 (45.46 MB)
19 - Exploiting XXE using external entities to retrieve files.mp4 (32.36 MB)
20 - Exploiting XXE to perform SSRF attacks.mp4 (32.51 MB)
21 - Basic SSRF against the local server.mp4 (35.47 MB)
22 - Basic SSRF against another backend system.mp4 (32.11 MB)
23 - OS command injection simple case.mp4 (24.44 MB)]
Screenshot