⌨️(0:00:00) Setting Up Burp Suite ⌨️(0:08:07) Spidering & DVWA ⌨️(0:19:04) Brute Force Attacks With Burp Suite ⌨️(0:32:55) Target Scope And Spidering ⌨️(0:46:32) Discovering Hidden Files With ZAP ⌨️(1:04:24) Web Application Firewall Detection with WAFW00F ⌨️(1:12:28) DirBuster ⌨️(1:25:27) XSS(Reflected, Stored & DOM) ⌨️(1:41:22) CSRF (Cross Site Request Forgery) ⌨️(2:02:42) Cookie Collection & Reverse Engineering ⌨️(2:14:17) HTTP Attributes (Cookie Stealing) ⌨️(2:27:48) SQL Injection

I am overwhelmed by the value this channel offers

NOTE: Anyone who is having trouble with connecting metasploitable with browser in kali 1) go to the metasploitable network settings in your hypervisor( virtual machine monitor or VMM) like virtual box 2) change to the adapter from NAT to Bridge thats all like so more people can see it

This guy is not only knowledgeable and a good teacher... he's extremely funny too....

3 years later and you're still getting views and comments bro. I absolutely love your content. Helps me out a great deal as a beginner in pentesting. Love the subject a great deal

I'm watching this nearly after 2 years but it is still much more informative 👍

This is really amazing to hear hackersploit voice.

Thank you a lot for the content, I appreciate a lot you taking the time to pass your knowledge forward Thank you very much

the best lesson you need to learn in this tutorial 2:12:25

I liked the video as soon as I heard his voice.

Excellent teaching man it's very easy to understand ♥️

You can skip (2.)Spidering as it's not present in the burpsuite anymore. I think there is something to do with some new laws about crawling but the team is working on a new method implemented in Pro and Community editions with no ETA for now thou.

Wonderful explanation All doubts cleared and feel confident.

is it possible for you to create new playlist of cyber security because course is too old and lot have changed

This is so helpful. Thanks a ton!

is that video from hackersploit channel cause i heard hackersploit tag in the begening

list of tools and applications: dvwa bwapp juice shop owasp zap dirbuster

love this guy no nonsense tutorials thanks bro

So nice explanation sir it's really nice the world's best teacher

pause at 1:25:27 and shake your screen (if you are on your phone).

Amazing I learn a lot from this video thanks for sharing this knowledge with us on KZbin.

In the business for a while and was just curious. Well explained and presented. Cheers.

even tho u speak faster but u still one of my best teacher. bless u

I have 2 questions: 1) What is the purpose of setting the proxy? Why we set the proxy to localhost? Using this proxy I'm not able to reach a web resource. 2) I can't select the checkbox in the App, under the 'Proxy' -> 'Options' -> Running 4:59

You don't really know what penetration is until one day you find out that there is a back-door on your system that won't let you in! Hopefully this video will show the way to a better Internet experience!!!

I love this org and youtube channel

Thank you, hackersploit! 💕

omg! this is an awesome video. 3 hours? yep. the longest video i ever seen.

Thank you so much Sir !!! You're a great Teacher! Be blessed!

"really really really really really really really really really really " "all good stuff"

46:32 timestamp for me

Please during the course, i heard you had a seperate tutorial on the use of ZAp for web applications testing. I ask this because everyone seems to be leaning towards burp suite pro and there are hardly any tutorials out there except yours at least which cover zap in detail for web app pen testing. Please if you would kindly direct me to that tutorial i would appreciate it.

This covers the material clearly and thoroughly. Thanks!

This is really helpfull video for us kindly upload video for ethical hacking on desktops application thanks

You need to have pro version of burpsuite right, mine doesnt have few of the important options like spider and all.

I am running Kali in VirtualBox. It does not have a button to add an exception. Firefox was probably updated in the newer Kali. Does anyone know how to create the exception a different way?

Thank you from Melbourne Australia

nice and recommended indeed bravo work😍

doing this. been wanting this for a long time

This is amazing stuff for beginners. Thank You

Youre awesome teacher, can you please do a video on how to find the login username and password for a router gateway url? Please and thank you!!

Finally ! Something with PARROT OS, There is no books available about parrot os. 😢

Thank you Tesfay. Such a great video for study purpose.

Strong title, great content.

So explanatory. Thanks alot. But can one of these methods be used to bypass otp verification code...If you could do a video on that

We would love to have an updated version of this course

I am wondering if it is only me who see flashes of image, unknown apps, and curse-like jargons without understanding what is the whole picture and the meanings behind all these??

0:00 hacker sploit here .. legendary name🔥🔥😎

Sick cant wait to dive into this!

Hacker Sploit! Love from Israel!

This voice i didn't forget.. :D

hi, thanks for the videos. I have a question at bruteforce. When i go to response/render it shows Unable to render response! Why is this happening? any clue anyone?

why so nervous? you do a really nice job explaining bro!

Thanks for explaining the difference between the two but I’m new to cyber security I’m wondering which one to do first the pen-testing or vulnerability scanning? Any advise is welcomed as I’m looking for a book camp after I take a couple of online classes

What happened to the spider tab in burp suite? It doesn't seem to exist in burp suite 2020.

I'm going to quite CSGO and start this tutorial from today....

Is it legal to use your website to learn along the way with the video ? By letting Burpsuite at it ?

thank you so much for this video, makes everything so clear : thank you!

They have removed spidering option from the community edition now. Any alternatives for this?

Super helpful content...Thanks so much!

The first brute force was admin admin. You were rushing through it. Nice job.

Awesome content and explanation... Got to know so many things

does anyone know what is the url for DVWA??? I know in this video he links it via his IP but i'm not that techy and need to access DVWA using Burp. thanks!

What's the difference between network penetration testing and web application penetration testing? Do you need to know both to be a bug bounty hunter?

To me the ZAP is more user-friendly sir, becos I follow your other video finding useful information by doing the ZAP spiders

how great you are man! i salute you. you make me believe!

The first thing you have to do is learn Proxy Chaining before you try to hack anything. Just a thought

Hello guys, I was starting with the tutorial and was really psyched, but hit a bump at the very beginning. After setting my proxy in firefox and importing the Burp certificate, no site is loading in the browser. Failure message is : "Proxy server refusing connection". Here is the same error reported by someone in Burp Support: support.portswigger.net/customer/portal/questions/17353034-error-in-browser-and-burp-suite-the-proxy-server-is-refusing-connections But no solution provided. Can anyone shed some light on how i might get it working? Note: I can see HTTP request intercepted in Burp.

It's saying that the proxy server is refusing the connection on firefox. What should I do now?

Great video in which you have really given a lot of effort to explain everything in detail. I have a question about the DirBuster is there a way to get a list from a cloud instead of a local computer? regards -- Danny

First of thank you for the great video! I just don't understand why you are using two script at 2:22:40 ?

Just curious, what are the prerequisites to get into this one?

could one help please, Burp Suite would not open on a new Parrot security 5.3 installation ; also noticed chrome for Linux after freshly installed is behaving the same way and not starting ?

i like your tutorials ...continue please.

I wish you did the video in a better quality, better for our eyes :)

why there is no spider branch on latest version of burp suite

Hello, how can i get firewall name and version, tried wawoof, but its giving a wrong name. any other way?

why didn't this start with a thorough explanation or intro to what web penetration is? it seemed to be more about the tools used and not penetration testing as a discipline... Just a little feedback. who is the target audience for this btw?

When I changes the preferences to local host then I can't access internet in kali Linux due to which I can't send any http request to any site. Any solution?

loving it, very helpful

So easy to follow thx

Please make another more advance course for begginers in web pentesting

Nice work

Thanks Brother .....its very useful to me

a wesone but knowledge of socket programming in python is a must

Being that Burp no longer offers the spidering functionality, What are some of you out there using as an alternative? ZAP?

You rock!! Good stuff right here!!!!!

really helpful video for bigginer

this better not be illegal i woke up to this video

Hello sir, I would like to know Which programming language would be beneficial for cyber security?

Hackersploit😍😍😍

Thanks for this ❤

Why I am Missing Spider in my version? currently using v2020.7 i don't see the spider tab?

How can i do web app testing for any website given?

do the proxy settings have to be the same as the video above

'alert("Awesome content man .. love it")

Good day! What's the name of the next you've made ? cause I couldn't find it .

Do video on mobile app testing (android and IOS )

How do we set up the proxy (2:02) using Google Chrome?

Brilliant, thank you 👍