05:55
Business Logic Vulnerabilities - Lab #8 Insufficient workflow validation | Short Version
21:32
Business Logic Vulnerabilities - Lab #8 Insufficient workflow validation | Long Version
05:12
Business Logic Vulnerabilities - Lab #7 Weak isolation on dual-use endpoint | Short Version
23:59
Business Logic Vulnerabilities - Lab #7 Weak isolation on dual-use endpoint | Long Version
15:02
Business Logic Vulnerabilities - Lab #6 Inconsistent handling of exceptional input | Short Video
16:47
Business Logic Vulnerabilities - Lab #6 Inconsistent handling of exceptional input | Long Video
15:37
Business Logic Vulnerabilities - Lab #5 Low Level Logic Flaw | Long Video
13:54
Business Logic Vulnerabilities - Lab #5 Low Level Logic Flaw | Short Video
08:16
Business Logic Vulnerabilities - Lab #4 Flawed enforcement of business rule | Short Version
30:36
Business Logic Vulnerabilities - Lab #4 Flawed enforcement of business rule | Long Version
06:19
Business Logic Vulnerabilities - Lab #3 Inconsistent security controls | Short Version
08:02
Business Logic Vulnerabilities - Lab #3 Inconsistent security controls | Long Version
06:48
Business Logic Vulnerabilities - Lab #2 High-level logic vulnerability | Short Version
27:23
Business Logic Vulnerabilities - Lab #2 High-level logic vulnerability | Long Version
05:51
Business Logic Vulnerabilities - Lab #1 Excessive trust in client-side controls | Short Version
26:08
Business Logic Vulnerabilities - Lab #1 Excessive trust in client-side controls | Long Version
18:58
Business Logic Vulnerabilities | Complete Guide
14:34
SQL Injection - Lab #18 Visible error-based SQL injection | Short Version
16:13
SQL Injection - Lab #18 Visible error-based SQL injection | Long Version
09:02
Mastering Server-Side Request Forgery Vulnerabilities - The Ultimate Hands-On Course on Udemy!
09:39
Authentication Vulnerabilities - Lab #14 2FA bypass using a brute-force attack | Short Version
11:21
Authentication Vulnerabilities - Lab #14 2FA bypass using a brute-force attack | Long Version
09:10
Authentication Vulnerabilities - Lab #13 Broken brute-force protection | Short Version
18:14
Authentication Vulnerabilities - Lab #13 Broken brute-force protection | Long Version
10:52
Authentication Vulnerabilities - Lab #12 Password brute-force via password change | Short Version
26:36
Authentication Vulnerabilities - Lab #12 Password brute-force via password change | Long Version
08:14
Authentication Vulnerabilities - Lab #11 Password reset poisoning via middleware | Short Version
09:55
Authentication Vulnerabilities - Lab #11 Password reset poisoning via middleware | Long Version
08:28
Mastering Command Injection Vulnerabilities - The Ultimate Hands-On Course on Udemy!
11:46
Authentication Vulnerabilities - Lab #10 Offline password cracking | Short Version
13:27
Authentication Vulnerabilities - Lab #10 Offline password cracking | Long Version
07:30
Authentication Vulnerabilities - Lab #9 Brute-forcing a stay-logged-in cookie | Short Version
18:41
Authentication Vulnerabilities - Lab #9 Brute-forcing a stay-logged-in cookie | Long Version
09:31
Mastering Directory Traversal Vulnerabilities - The Ultimate Hands-On Course on Udemy!
09:24
Authentication Vulnerabilities - Lab #8 2FA broken logic | Short Version
11:03
Authentication Vulnerabilities - Lab #8 2FA broken logic | Long Version
09:29
Authentication Vulnerabilities - Lab #7 Username enumeration via account lock | Short Version
11:09
Authentication Vulnerabilities - Lab #7 Username enumeration via account lock | Long Version
14:09
Authentication Vulnerabilities - Lab #6 Broken brute-force protection, IP block | Short Version
15:48
Authentication Vulnerabilities - Lab #6 Broken brute-force protection, IP block | Long Version
09:38
Mastering Authentication Vulnerabilities - The Ultimate Hands-On Course on Udemy!
13:47
Authentication Vulnerabilities - Lab #5 Username enumeration via response timing | Short Version
15:26
Authentication Vulnerabilities - Lab #5 Username enumeration via response timing | Long Version
08:46
Authentication Vulnerabilities - Lab #4 Username enumeration via different responses | Short Version
10:51
Authentication Vulnerabilities - Lab #4 Username enumeration via different responses | Long Version
04:00
Authentication Vulnerabilities - Lab #3 Password reset broken logic | Short Version
14:37
Authentication Vulnerabilities - Lab #3 Password reset broken logic | Long Version
09:08
Mastering SQL Injection - The Ultimate Hands-On Course on Udemy!
04:04
Authentication Vulnerabilities - Lab #2 2FA simple bypass | Short Version
13:14
Authentication Vulnerabilities - Lab #2 2FA simple bypass | Long Version
05:51
Authentication Vulnerabilities - Lab #1 Username enumeration via different responses | Short Version
07:30
Authentication Vulnerabilities - Lab #1 Username enumeration via different responses | Long Version
26:45
Securing Open Source Dependencies - NahamCon 2023
31:03
Authentication Vulnerabilities | Complete Guide
03:30
Directory Traversal - Lab #6 Validation of file extension with null byte bypass | Short Version
11:22
Directory Traversal - Lab #6 Validation of file extension with null byte bypass | Long Version
03:42
Directory Traversal - Lab #5 File path traversal, validation of start of path | Short Version
11:55
Directory Traversal - Lab #5 File path traversal, validation of start of path | Long Version
04:37
Directory Traversal - Lab #4 Path traversal sequences stripped w/ URL-decode | Short Version
13:47
Directory Traversal - Lab #4 Path traversal sequences stripped w/ URL-decode | Long Version
X
About
Channel that discusses security related topics. The majority of videos will cover web security but occasionally we'll talk about content related to certs like the OSCP, OSWE and CRTP.
-ABOUT-
Rana Khalil is an accomplished Application Security Engineer currently steering the digital safety ship in Canada's dynamic public and private sectors. With her cutting-edge expertise, she's not only securing applications, but also shaping the future of cybersecurity across the nation.
She holds a Bachelor's and Master’s degree in Computer Science and is OSCP certified. She has spoken about her research at various local and international conferences, and received several awards and honorable mentions for her contributions to the cybersecurity community.
Rana has also founded her own online academy where she teaches web application penetration testing. Her mission? To make cybersecurity education affordable and keep the digital frontier safe, one application at a time.
Tags