Penetration Tester | Hacker | Cyber security Researcher.

OpenID Dynamic Client Registration
15:04
OpenID Dynamic Client Registration
Authentication bypass via OAuth implicit flow - #lab01
11:24
Authentication bypass via OAuth implicit flow - #lab01
OAuth2.0 Authorization code vs Implicit grant types
12:03
OAuth2.0 Authorization code vs Implicit grant types
What is OAuth 2.0?
15:51
What is OAuth 2.0?
Exploiting exact-match cache rules for web cache deception - Lab#05
36:02
Exploiting exact-match cache rules for web cache deception - Lab#05
Exploiting cache server normalization for web cache deception - Lab#4
19:14
Exploiting cache server normalization for web cache deception - Lab#4
Exploiting origin server normalization for web cache deception - Lab#03
15:00
Exploiting origin server normalization for web cache deception - Lab#03
Exploiting path delimiters for web cache deception - Lab#02
19:46
Exploiting path delimiters for web cache deception - Lab#02
What is Delimiter discrepancies?
4:50
What is Delimiter discrepancies?
Exploiting path mapping for web cache deception - Lab#01
12:56
Exploiting path mapping for web cache deception - Lab#01
Web Cache Deception - BRIEF
28:19
Web Cache Deception - BRIEF
CSRF with broken Referer validation - Lab#12
10:41
CSRF with broken Referer validation - Lab#12
CSRF where Referer validation depends on header being present - Lab#11
11:04
CSRF where Referer validation depends on header being present - Lab#11
SameSite Lax bypass via cookie refresh - Lab#10
29:39
SameSite Lax bypass via cookie refresh - Lab#10
SameSite Strict bypass via sibling domain - Lab#09
31:49
SameSite Strict bypass via sibling domain - Lab#09
SameSite Strict bypass via client-side redirect - Lab#08
18:30
SameSite Strict bypass via client-side redirect - Lab#08
SameSite Lax bypass via method override - Lab#07
12:24
SameSite Lax bypass via method override - Lab#07
What is SameSite Cookie Attribute
12:41
What is SameSite Cookie Attribute
CSRF where token is duplicated in cookie - Lab#06
12:12
CSRF where token is duplicated in cookie - Lab#06
CSRF where token is tied to non-session cookie - Lab#05
24:00
CSRF where token is tied to non-session cookie - Lab#05
CSRF where token is not tied to user session - Lab#04
14:47
CSRF where token is not tied to user session - Lab#04
CSRF where token validation depends on token being present - Lab#03
6:27
CSRF where token validation depends on token being present - Lab#03
CSRF where token validation depends on request method - Lab#02
20:17
CSRF where token validation depends on request method - Lab#02
CSRF vulnerability with no defenses - Lab#01
11:59
CSRF vulnerability with no defenses - Lab#01
What is Cross-site request forgery?
13:13
What is Cross-site request forgery?
Exploiting insecure output handling in LLMs - Lab#04
18:08
Exploiting insecure output handling in LLMs - Lab#04
Indirect prompt injection - Lab#03
16:45
Indirect prompt injection - Lab#03
LLM - Indirect prompt injection
4:26
LLM - Indirect prompt injection
Exploiting vulnerabilities in LLM APIs - Lab#02
12:17
Exploiting vulnerabilities in LLM APIs - Lab#02
Exploiting LLM APIs with excessive agency - Lab#01
17:01
Exploiting LLM APIs with excessive agency - Lab#01