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
Exercide Files.zip
360.95MB
3. Cross Site Scripting (XSS)/11 - Demo - ASP NET reequest validation.mp4
63.64MB
8. Insecure Cryptographic Storage/3 - Demo - Anatomy of an attack.mp4
60.06MB
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
5. Insecure Direct Object References/8 - Demo - Building an indirect reference map.mp4
42.84MB
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
7. Security Misconfiguration/5 - Demo - Correctly configuring custom errors.mp4
39.63MB
10. Insufficient Transport Layer Protection/3 - Demo - Anatomy of an attackmp4.mp4
38.73MB
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
10. Insufficient Transport Layer Protection/5 - Demo - Understanding secure cookies and froms authentication.mp4
37.48MB
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
10. Insufficient Transport Layer Protection/6 - Demo - Securing other cookies in ASP NET.mp4
36.45MB
2. Injection/3 - Demo - Anatomy of an attack.mp4
35.42MB
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
8. Insecure Cryptographic Storage/6 - Understanding salt and brute force attacks.mp4
34.09MB
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
6. Cross Site Request Forgery (CSRF)/5 - What make a CSRF attack possible.mp4
33.22MB
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
7. Security Misconfiguration/9 - Demo - Using config transforms to apply secure configurations.mp4
32.6MB
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
9. Failure to Restrict URL Access/7 - Demo - Role based authorisation with the ASP NET Role Provider.mp4
29.23MB
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
10. Insufficient Transport Layer Protection/4 - Risk in practice - Tunisian ISPs.mp4
28.8MB
7. Security Misconfiguration/8 - Demo - Encrypting sensitive parts of the web-config.mp4
28.78MB
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
8. Insecure Cryptographic Storage/7 - Slowing down hashes with new Membership Provider.mp4
26.52MB
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
7. Security Misconfiguration/3 - Demo - Anatomy of an attack.mp4
25.88MB
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
3. Cross Site Scripting (XSS)/7 - Demo - Implementing output encoding.mp4
25.56MB
8. Insecure Cryptographic Storage/5 - Understanding password storage and hashing.mp4
25.1MB
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
2. Injection/12 - Demo - Injection through stored procedures.mp4
24.64MB
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
3. Cross Site Scripting (XSS)/4 - Risk in practice - My Space and Samy.mp4
24.55MB
8. Insecure Cryptographic Storage/11 - Demo - Symmetric encryption using DPAPI.mp4
23.49MB
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
7. Security Misconfiguration/7 - Demo - Keeping frameworks currrent with NuGet.mp4
22.17MB
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
10. Insufficient Transport Layer Protection/9 - Demo - Mixed mode HTTPS.mp4
21.13MB
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
9. Failure to Restrict URL Access/4 - Risk in practice - Apple AT&T leak.mp4
21.11MB
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
9. Failure to Restrict URL Access/6 - Demo - Access controls in ASP NET part 2 - The authorize attribute.mp4
21.1MB
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
7. Security Misconfiguration/6 - Demo - Securing web forms tracing.mp4
20.83MB
5. Insecure Direct Object References/6 - Demo - Implementing access controls.mp4
20.01MB
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
9. Failure to Restrict URL Access/5 - Demo - Access controls in ASP NET part 1 - web-config locations.mp4
19.61MB
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
2. Injection/10 - Demo - Whitelisting untrusted data.mp4
19.56MB
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
10. Insufficient Transport Layer Protection/7 - Demo - Forcing web forms to use HTTPS.mp4
19.51MB
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
11. Unvalidated Redirects and Forwards/3 - Demo - Anatomy of an attack.mp4
18.78MB
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
6. Cross Site Request Forgery (CSRF)/7 - Demo - Implementing an anti-frogery token in MVC.mp4
18.47MB
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
11. Unvalidated Redirects and Forwards/7 - Demo - implementing referrer checking.mp4
18.42MB
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
9. Failure to Restrict URL Access/8 - Other access controls risk and misconceptions.mp4
18.41MB
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
8. Insecure Cryptographic Storage/4 - Risk in practice - ABC passwords.mp4
17.99MB
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
2. Injection/13 - Demo - Injection automation with Havij.mp4
17.92MB
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
2. Injection/7 - Demo - The principle of least privilege.mp4
17.75MB
6. Cross Site Request Forgery (CSRF)/8 - Demo - Web forms approach to anti-frogery tokens.mp4
17.49MB
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
3. Cross Site Scripting (XSS)/12 - Demo - Reflective versus persistent XSS.mp4
17.43MB
6. Cross Site Request Forgery (CSRF)/4 - Risk in practice - Compromised Brazillian modems.mp4
17.42MB
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
4. Broken Authentication and Session Management/8 - Demo - Leveraging ASP NET membership provider for authentication.mp4
17.4MB
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
7. Security Misconfiguration/4 - Risk in practice - ELMAH.mp4
17.06MB
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
11. Unvalidated Redirects and Forwards/6 - Demo - implementing a whitelist.mp4
16.74MB
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
3. Cross Site Scripting (XSS)/3 - Demo - Anatomy of an attacker.mp4
16.73MB
10. Insufficient Transport Layer Protection/12 - Other HTTPS considerations.mp4
16.68MB
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
5. Insecure Direct Object References/3 - Demo - Anatomy of an attack.mp4
16.52MB
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
10. Insufficient Transport Layer Protection/11 - Other insufficient HTTPS patterns.mp4
16.38MB
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
2. Injection/11 - Demo - Entity Framework's SQL parameterisation.mp4
16.12MB
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
2. Injection/8 - Demo - Inline SQL parameterisation.mp4
15.58MB
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
8. Insecure Cryptographic Storage/8 - Other stronger hashing implemenetations.mp4
15MB
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
10. Insufficient Transport Layer Protection/13 - Summary.mp4
14.94MB
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
8. Insecure Cryptographic Storage/12 - Whats not cryptographic.mp4
14.6MB
7. Security Misconfiguration/10 - Demo - Enabling retail mode on the server.mp4
14.44MB
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
1. Introduction/3 - Who's doing the hacking.mp4
14.42MB
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
6. Cross Site Request Forgery (CSRF)/3 - Demo - Anatomy of an attack.mp4
14.33MB
1. Introduction/4 - OWASP and the Top 10.mp4
14.24MB
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
11. Unvalidated Redirects and Forwards/4 - Risk in practice - US government websites.mp4
14.05MB
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
8. Insecure Cryptographic Storage/9 - Things to consider when choosing a hashing implementations.mp4
14.02MB
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
3. Cross Site Scripting (XSS)/13 - Demo - Native browser defences.mp4
13.62MB
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
10. Insufficient Transport Layer Protection/10 - HTTP strict transport security.mp4
13.26MB
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
3. Cross Site Scripting (XSS)/8 - Demo - Output encoding in web forms.mp4
12.37MB
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
9. Failure to Restrict URL Access/9 - Summary.mp4
12.35MB
11. Unvalidated Redirects and Forwards/5 - Understanding the value of unvalidated redirects to attackers.mp4
12.13MB
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
8. Insecure Cryptographic Storage/13 - Summary.mp4
12.03MB
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
10. Insufficient Transport Layer Protection/8 - Demo - Requiring HTTPS on MVC controllers.mp4
11.79MB
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
3. Cross Site Scripting (XSS)/10 - Demo - Whitelisting allowable values.mp4
11.37MB
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
8. Insecure Cryptographic Storage/10 - Understanding symmetric and asymmetric encryption.mp4
10.73MB
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
5. Insecure Direct Object References/7 - Understanding indirect reference maps.mp4
10.62MB
5. Insecure Direct Object References/4 - Risk in practice - Citibank.mp4
10.52MB
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
5. Insecure Direct Object References/5 - Understanding direct object references.mp4
10.43MB
3. Cross Site Scripting (XSS)/15 - Summary.mp4
10.06MB
10. Insufficient Transport Layer Protection/2 - OWASP overview and risk rating.mp4
10.06MB
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
2. Injection/9 - Demo - Stored procedure parameterisation.mp4
10.02MB
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
4. Broken Authentication and Session Management/7 - Demo - Securely configuring session persistence.mp4
9.93MB
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
11. Unvalidated Redirects and Forwards/2 - OWASP overview and risk rating.mp4
9.84MB
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
3. Cross Site Scripting (XSS)/6 - Output encoding concepts.mp4
9.03MB
7. Security Misconfiguration/11 - Summary.mp4
8.58MB
6. Cross Site Request Forgery (CSRF)/9 - CSRF fallacies and browser defences.mp4
8.56MB
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
1. Introduction/5 - Applying security in depth.mp4
8.15MB
11. Unvalidated Redirects and Forwards/8 - Other issues with the unvalidated redirect riskmp4.mp4
8.11MB
2. Injection/14 - Summary.mp4
7.22MB
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
4. Broken Authentication and Session Management/11 - Other broken authentication patterns.mp4
6.78MB
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
1. Introduction/2 - Who's getting hacked.mp4
6.77MB
6. Cross Site Request Forgery (CSRF)/10 - Summary.mp4
6.74MB
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
11. Unvalidated Redirects and Forwards/9 - Summary.mp4
6.43MB
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
6. Cross Site Request Forgery (CSRF)/6 - Understanding anti-frogery tokens.mp4
6.42MB
8. Insecure Cryptographic Storage/2 - OWASP overview and risk rating.mp4
6.41MB
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
3. Cross Site Scripting (XSS)/9 - Demo - Output encoding in MVC.mp4
6.33MB
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
6. Cross Site Request Forgery (CSRF)/2 - OWASP overview and risk rating.mp4
6.33MB
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
4. Broken Authentication and Session Management/4 - Risk in practice - Apples's session fixation.mp4
6.33MB
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
7. Security Misconfiguration/2 - OWASP overview and risk rating.mp4
6.12MB
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
9. Failure to Restrict URL Access/2 - OWASP overview and risk rating.mp4
5.97MB
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
9. Failure to Restrict URL Access/3 - Demo - Anatomy of an attack.mp4
5.88MB
2. Injection/2 - OWASP overview and risk rating.mp4
5.87MB
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
4. Broken Authentication and Session Management/12 - Summary.mp4
5.71MB
4. Broken Authentication and Session Management/6 - The risk of session persistence in the URL versus cookies.mp4
5.53MB
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
4. Broken Authentication and Session Management/10 - Siding versus fixed forms timeout.mp4
5.35MB
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
4. Broken Authentication and Session Management/9 - Customising session and forms timeouts to minimise risk windows.mp4
5.19MB
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
2. Injection/4 - Risk in practice - LulzSec and Sony.mp4
4.97MB
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
2. Injection/6 - Defining untrusted data.mp4
4.89MB
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
4. Broken Authentication and Session Management/3 - Demo - Anatomy of an attack.mp4
4.61MB
5. Insecure Direct Object References/9 - Obfuscation via random surrogate keys.mp4
4.28MB
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
3. Cross Site Scripting (XSS)/14 - Demo - Payload obfuscation.mp4
3.97MB
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
3. Cross Site Scripting (XSS)/2 - OWASP overview and risk rating.mp4
3.75MB
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
10. Insufficient Transport Layer Protection/1 - Introduction.mp4
3.73MB
5. Insecure Direct Object References/10 - Summary.mp4
3.66MB
4. Broken Authentication and Session Management/2 - OWASP overview and risk rating.mp4
3.64MB
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
5. Insecure Direct Object References/2 - OWASP overview and risk rating.mp4
3.37MB
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
2. Injection/1 - Introduction.mp4
2.99MB
3. Cross Site Scripting (XSS)/1 - Introduction.mp4
2.79MB
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
3. Cross Site Scripting (XSS)/5 - Understanding XSS.mp4
2.68MB
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
8. Insecure Cryptographic Storage/1 - Introduction.mp4
2.63MB
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
7. Security Misconfiguration/1 - Introduction.mp4
2.24MB
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
2. Injection/5 - Understanding SQL Injection.mp4
2.13MB
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
6. Cross Site Request Forgery (CSRF)/1 - Introduction.mp4
2.09MB
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
4. Broken Authentication and Session Management/5 - Persisting state in a stateless protocol.mp4
2MB
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
11. Unvalidated Redirects and Forwards/1 - Introduction.mp4
1.79MB
9. Failure to Restrict URL Access/1 - Introduction.mp4
1.71MB
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
4. Broken Authentication and Session Management/1 - Introduction.mp4
1.52MB
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
5. Insecure Direct Object References/1 - Introduction.mp4
1.34MB
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
1. Introduction/1 - Introduction.mp4
1.31MB
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