Web Enumeration – Fuzzing for HTTP Parameters Enumeration

preview_player
Показать описание
Hi, and welcome to this new video!

In this video I continue my web exploitation series by continuing the enumeration portion of the course. This time it is all about about parameter enumeration. Specifically, I will discuss how to use wfuzz in order to discover HTTP parameters such as GET parameters in the URL, or POST parameters in the body.

If you're interested in more videos of the series or if you have any feedback, please let me know!

-------------------------

TIMESTAMP

00:00 Introduction
01:50 Docker lab
05:35 Wfuzz scenario 1 – discovery of parameter name
21:10 Wfuzz scenario 2 – discovery of debug parameter
24:05 Wfuzz scenario 3 – discovery of parameter value
30:30 Insecure Direct Object Reference (IDOR)
33:00 Wfuzz scenario 4 – sending requests to burpsuite
35:15 Wfuzz scenario 4 – discovery of POST data
36:44 Conclusion

-------------------------

REFERENCES


-------------------------

CONTACTS

  1. hexdump
  2. web
  3. security
  4. learning
  5. teaching
Рекомендации по теме
Web Enumeration – 0:37:10

Web Enumeration – Fuzzing for HTTP Parameters Enumeration

Hacking APIs: Fuzzing 0:13:29

Hacking APIs: Fuzzing 101

find HIDDEN urls!! 0:17:30

find HIDDEN urls!! (subdomain enumeration hacking) // ft. HakLuke

What is Fuzzing 0:12:54

What is Fuzzing (using ffuf)

Episode 7 - 0:42:35

Episode 7 - Web Enumeration and Fuzzing

Fuzzing & Directory 0:51:20

Fuzzing & Directory Brute-Force With ffuf

HTB Academy: Attacking 0:07:03

HTB Academy: Attacking Web Applications with FFUF - Vhost Fuzzing and Filtering Results

Fuzzing Web Applications 0:15:39

Fuzzing Web Applications with Wfuzz | CTF Walkthrough

What is Fuzzing? 0:03:04

What is Fuzzing?

API Testing & 0:03:19

API Testing & Fuzzing For Bug Bounties 2022

How to Directory 0:11:45

How to Directory Brute Force Properly

Web Fuzzing (ffuf 0:31:51

Web Fuzzing (ffuf vs wfuzz) - Pentesting Tutorials

Find Hidden Subdomains 0:05:11

Find Hidden Subdomains & URLs | Bug Bounty Recon

Fuzzing & Sensitive 0:09:55

Fuzzing & Sensitive File Enumeration with FFUF

API Hacking Demo 0:13:35

API Hacking Demo | Bug Bounty Web App Testing

Dirbuster - Enumerating 0:10:11

Dirbuster - Enumerating Web App Files and Directories

Subdomain Fuzzing for 0:04:28

Subdomain Fuzzing for Hacking Certifications

Fuzzing for beginners! 0:09:57

Fuzzing for beginners! FFuF - Hacker Tools

What is Fuzzing 0:04:40

What is Fuzzing | Fuzzing Testing | Fuzzing Security | Security Testing Training Tutorial Day 2

HTB Academy: Attacking 0:03:05

HTB Academy: Attacking Web Applications with FFUF - Subdomain Fuzzing

31 Application Security 0:28:04

31 Application Security - Fuzzing Directories - OSCP | Offensive Security Certified Professional

Fuzzing Web Applications 0:57:18

Fuzzing Web Applications with Jaeles Scanner - Watch at 1.5x

Hacking Websites with 0:08:00

Hacking Websites with ffuf! (FUZZING)

How do Discover 0:07:10

How do Discover Hidden Directories & Subdomains | Gobuster Tutorial

Комментарии
Автор

Hey bro, italian or english your videos are always awesome !!

LucaCanali