Unveiling Oauth for Bug Bounty Hunting

Free Download Unveiling Oauth for Bug Bounty Hunting
Published 11/2023
Created by Anurag Verma
MP4 | Video: h264, 1280×720 | Audio: AAC, 44.1 KHz, 2 Ch
Genre: eLearning | Language: English | Duration: 14 Lectures ( 1h 48m ) | Size: 1.1 GB

learn about oauth ,its misconfigurations and understand oauth attack in real world scenerios
What you’ll learn
What is oauth?
Types of oauth?
Oauth Misconfigurations with proper explanations
Learning different attacks possible in oauth
Learn chaining oauth with other vulnerabilities like CSRF,HTML injection
Business logic misconfigurations with oauth
Special case of bypassing CORS policy and finally making it to account takeover
Good to know basics of burpsuite,postman,some basics of development like HTML,JS
If you haven’t explored any of those mentioned above then no issue you can first learn basics of them then you are ready for the demonstrations
oauth is one the most important topic nowadays if you study web applications penetration testing or api security testing or android security testing then the oauth is one of the most common topic,it is popularly used in almost every applications ,vulnerabilities like account takeover are found in oauth misconfigurations, if you don’t know how to go for oauth testing then this course is for you,you will be able to learn different types of attacks possible with oauth with respective misconfiguration and will learn how chaining can be done in oauth with other vulnerabilities,I have demonstrated the oauth misconfiguration using portswigger labs and also discussed the live finding from a bug bounty programme,you can also find similar issues on your programme as wellThis is a short course , in this course, you will be going to learn =>What is Oauth?Types of Oauth?How does Oauth work?What are oauth misconfigurations?Demonstrations of account takeovers on lab and live casesAnalysing oauth flow from developers docs using PostmanAnalysing how to bypass some of the restrictions and chaining oauth with other vulnerabilitiesUnderstanding more business logic misconfiguration collected from various reports and articles.Use the tutorials for education purpose only don’t misuse it in real worldThanks
Who this course is for
Ethical Hackers
Bug Bounty Hunters
Security Engineers
Red Teamers
IT analysts
Security Enthusiasts

Buy Premium From My Links To Get Resumable Support,Max Speed & Support Me

No Password – Links are Interchangeable

Add a Comment

Your email address will not be published. Required fields are marked *