* Cantinho Satkeys

Refresh History
  • JPratas: dgtgtr Pessoal  49E09B4F k7y8j0
    06 de Novembro de 2024, 17:19
  • FELISCUNHA: Votos de um santo domingo para todo o auditório  4tj97u<z
    03 de Novembro de 2024, 10:49
  • j.s.: bom fim de semana  43e5r6 49E09B4F
    02 de Novembro de 2024, 08:37
  • j.s.: ghyt74 a todos  4tj97u<z
    02 de Novembro de 2024, 08:36
  • FELISCUNHA: ghyt74   49E09B4F  e bom feriado   4tj97u<z
    01 de Novembro de 2024, 10:39
  • JPratas: try65hytr Pessoal  h7ft6l k7y8j0
    01 de Novembro de 2024, 03:51
  • j.s.: try65hytr a todos  4tj97u<z
    30 de Outubro de 2024, 21:00
  • JPratas: dgtgtr Pessoal  4tj97u<z k7y8j0
    28 de Outubro de 2024, 17:35
  • FELISCUNHA: Votos de um santo domingo para todo o auditório  k8h9m
    27 de Outubro de 2024, 11:21
  • j.s.: bom fim de semana   49E09B4F 49E09B4F
    26 de Outubro de 2024, 17:06
  • j.s.: dgtgtr a todos  4tj97u<z
    26 de Outubro de 2024, 17:06
  • FELISCUNHA: ghyt74   49E09B4F  e bom fim de semana
    26 de Outubro de 2024, 11:49
  • JPratas: try65hytr Pessoal  101yd91 k7y8j0
    25 de Outubro de 2024, 03:53
  • JPratas: dgtgtr A Todos  4tj97u<z 2dgh8i k7y8j0
    23 de Outubro de 2024, 16:31
  • FELISCUNHA: ghyt74  pessoal   49E09B4F
    23 de Outubro de 2024, 10:59
  • j.s.: dgtgtr a todos  4tj97u<z
    22 de Outubro de 2024, 18:16
  • j.s.: dgtgtr a todos  4tj97u<z
    20 de Outubro de 2024, 15:04
  • FELISCUNHA: Votos de um santo domingo para todo o auditório  101041
    20 de Outubro de 2024, 11:37
  • axlpoa: hi
    19 de Outubro de 2024, 22:24
  • FELISCUNHA: ghyt74   49E09B4F  e bom fim de semana  4tj97u<z
    19 de Outubro de 2024, 11:31

Autor Tópico: The Ultimate Bac And Idor  (Lida 38 vezes)

0 Membros e 1 Visitante estão a ver este tópico.

Online mitsumi

  • Moderador Global
  • ***
  • Mensagens: 115840
  • Karma: +0/-0
The Ultimate Bac And Idor
« em: 24 de Novembro de 2022, 12:53 »


Published 11/2022
MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz
Language: English | Size: 386.24 MB | Duration: 0h 42m

Learn how to find, exploit and even automate the most common exploit type in the OWASP top 10 - 2021

What you'll learn
Broken Access Control
Insecure Direct Object Reference
Semi-automated hacking
CI/CD Pipeline
BAC Hacking with burp
BAC Hacking with ZAP
Requirements
PC Able to run ZAP
PC Able to run Burp suite free edition
Description
First of all, we have to start by explaining to you what is in this course. You might have heard of the terms Broken Access Control (BAC) and Insecure Direct Object Reference (IDOR) before, but do you really understand what it is all about? In this course, we are going to go through a list of tools, methodologies, tips, and tricks that will help you level up your BAC game.Who am I? My name is Wesley, I own a pen testing company and throughout the years I have had to design my own way of working. This has led me to my favorite issue type XSS but it also came with a surprising exploit type I turned out to adore! I am of course talking about BAC and IDOR. With several years of teaching experience, I wanted to build a course to pass my knowledge on to you and to help you grow without having to go through the same growing pains I experienced. Who is this course for? If you are a beginner hacker who is looking to add a new exploit type to their repertoire or even a medior hacker who wants to further explore BAC and IDOR to the point of automation/semi-automating the search for the noble exploit type of BAC. Why BAC?Why BAC? Because it's the most common exploit type of the OWASP top 10 - 2021 of course! This deceptively difficult exploit pulls you in with its allure of easy exploitation but you will soon realize there is much more than just the surface-level exploits you have to take into account. In my bug bounty journey, I have seen how incredibly common this exploit type is and I hope to bring down its prevalence by teaching you how to find and exploit this bug with different tools.
Overview
Section 1: Introduction
Lecture 1 GENERAL-Syllabus
Lecture 2 GENERAL-000. Introduction
Section 2: What is BAC?
Lecture 3 GENERAL-010 - So what exactly is BAC
Lecture 4 GENERAL-011. What the IDOR
Section 3: Manually hunting BAC
Lecture 5 GENERAL-020. Manual BAC and IDOR hunting-051022-203345
Lecture 6 GENERAL-021. Manual testing assignment-051022-203433
Lecture 7 GENERAL-022_ Solutions
Lecture 8 GENERAL-022. Assignement 2 & 3
Section 4: Automated hunting with burp suite
Lecture 9 GENERAL-030. Automated BAC hunting with burp suite
Section 5: Automated hunting with ZAP
Lecture 10 GENERAL-040_ Hunting BAC with ZAP
Section 6: Capstone project
Lecture 11 GENERAL-050 Capstone project
Section 7: XTRA - Extras
Lecture 12 XTRA01 - Permission matrix example
Lecture 13 XTRA02- Mindmap BAC
Beginner hackers looking to thoroughly add another exploit type to their repetoire


Download link

rapidgator.net:
Citar
https://rapidgator.net/file/c38c91bfa5f85561bf690afb388bbeb3/isrpd.The.Ultimate.Bac.And.Idor.rar.html

uploadgig.com:
Citar
https://uploadgig.com/file/download/c663dbcC5Ee2482a/isrpd.The.Ultimate.Bac.And.Idor.rar

nitroflare.com:
Citar
https://nitroflare.com/view/7D88C537C9BE0BE/isrpd.The.Ultimate.Bac.And.Idor.rar

1dl.net:
Citar
https://1dl.net/s6wwqddg45og/isrpd.The.Ultimate.Bac.And.Idor.rar.html