Pluralsight-Web App Hacking-Cookie Attacks

Pluralsight-Web.App.Hacking-Cookie.Attacks
English | Size: 112.2 MB
Category: HACKING | Security


In this course, you will learn how severe consequences can happen as a result of insecure cookie processing. You will see how cookie attacks work in practice and how to test web applications for various cookie processing flaws. [Read more…]

Cross Site Scripting (XSS) Attacks for Pentesters

Cross Site Scripting (XSS) Attacks for Pentesters
English | Size: 199.44 MB
Category:Misc E-Learning


Cross Site Scripting or XSS is still one of the most common injection vulnerability that exist in modern as well as legacy Web Applications. This course will teach XSS in-depth and even talk about the lesser known derivatives of XSS called Mutation XSS (mXSS) and Relative Path Overwrite XSS (RPO XSS). If you are interested in learning about the different types of XSS, different context in XSS, and about real world red team XSS Exploitation, then this course is for you and it does not take hours. Invest just 2 hours and master XSS in-depth. [Read more…]

BRKSEC-2202 – Understanding and Preventing Layer 2 Attacks

BRKSEC-2202 – Understanding and Preventing Layer 2 Attacks
English | Size: 305.93 MB
Category: Networking


This session focuses on the network security issues surrounding Layer 2, the data link layer. Because many network attacks originate inside the corporate firewall, exploring this soft underbelly of data networking is critical for any secure network design. Issues covered include Address Resolution Protocol (ARP) spoofing, MAC flooding, VLAN hopping, Dynamic Host Configuration Protocol (DHCP) attacks, and Spanning Tree Protocol concerns. Common myths about Ethernet switch security are addressed and specific security lockdown recommendations are provided. Attack mitigation options presented include the new DHCP snooping and Dynamic ARP Inspection (DAI) functionality. Attendees can expect to learn Layer 2 design considerations from a security perspective and mitigation techniques for Layer 2 attacks. This session is for network designers, administrators, and engineers in all areas of data networking.
[Read more…]

Udemy – Cross Site Scripting (XSS) Attacks for Pentesters

Udemy – Cross Site Scripting (XSS) Attacks for Pentesters

English | Size: 162.71 MB (170,612,063 Bytes)
Category: Tutorial


Cross Site Scripting or XSS is still one of the most common injection vulnerability that exist in modern as well as legacy Web Applications. This course will teach XSS in-depth and even talk about the lesser known derivatives of XSS called Mutation XSS (mXSS) and Relative Path Overwrite XSS (RPO XSS). If you are interested in learning about the different types of XSS, different context in XSS, and about real world red team XSS Exploitation, then this course is for you and it does not take hours. Invest just 2 hours and master XSS in-depth. [Read more…]

Offensive Security Wireless Attacks [WiFU 3 0]

Offensive Security Wireless Attacks [WiFU 3 0]
English | Size: 828.73 MB
Category: CBT


The wireless industry continues to grow in leaps and bounds with more and more gadgets evolving to be wireless. Wireless access points, media centers, phones, and even security systems are commonplace in the average household. Unfortunately, the security that is implemented on this equipment is often lacking, opening the devices syto severe security vulnerabilities. In practice, many companies and organizations still use and deploy vulnerable wireless gear, often in their default configurations. This is most often due to poor security awareness or a lack of understanding of the risks and ramifications. [Read more…]

Offensive Security Wireless Attacks – WiFu v3.0

Offensive Security Wireless Attacks – WiFu v3.0
English | Size: 828.71 MB
Category: CBTs


Description

The wireless industry continues to grow in leaps and bounds with more and more gadgets evolving to be wireless. Wireless access points, media centers, phones, and even security systems are commonplace in the average household. Unfortunately, the security that is implemented on this equipment is often lacking, opening the devices syto severe security vulnerabilities. In practice, many companies and organizations still use and deploy vulnerable wireless gear, often in their default configurations. This is most often due to poor security awareness or a lack of understanding of the risks and ramifications. [Read more…]