Port Swigger Material WAP Challenges Course Videos
1)SQL Injection
2)Authentication
2Challenge 1: Form Bruteforcing Solutions
3Challenge 2: HTTP Form Attacks Reloaded
4HTTP Basic Authentication Attack (Easy)
5Basic Authentication and Form Bruteforcing (Intermediate)
6Challenge 2: HTTP Form Attacks Reloaded Solution
7HTTP Basic Authentication Attack - Solutions
8Basic Authentication and Form Bruteforcing - Solutions
9Challenge 5: Digest Authentication Attack
10Challenge 6: Digest Authentication Reloaded
11Challenge 5: Digest Authentication Attack Solutions
12Challenge 6: Digest Authentication Reloaded Solutions
13Challenge 7: Cracking Digest Authentication
14Challenge 7: Cracking Digest Authentication Solution
15Challenge 8: Broken Authentication
16Challenge 8: Broken Authentication Solution
21Challenge 12: Decrypting SSL Traffic
22Challenge 12: Decrypting SSL Traffic Solution
3)Directory Traversal
4)Command Injection
5)Business Logic Vulnerabilities
6)Information Disclosure
7)Access Control
8)File Upload Vulnerabilities
9)SSRF
10)XXE Injection
11)Cross Site Scripting - XSS
39Challenge 20: XSS
40Challenge 21: XSS II
41Challenge 20: XSS Solution
42Challenge 21: XSS II Solution
43Challenge 22: XSS III
44Challenge 23: XSS IV
45Challenge 24: XSS V
46Challenge 25: XSS VI
47Challenge 26: XSS VII
48Challenge 22: XSS III Solution
49Challenge 23: XSS IV Solution
50Challenge 24: XSS V Solution
51Challenge 25: XSS VI Solution
52Challenge 26: XSS VII Solution
53Challenge 27: XSS VIII
54Challenge 28: XSS IX
55Challenge 27: XSS VIII Solution
56Challenge 28: XSS IX Solution
57Challenge 29: XSS X
58Challenge 30: XSS XI
59Challenge 29: XSS X Solution
60Challenge 30: XSS XI Solution
61Challenge 31: XSS XII
62Challenge 32: XSS XIII
63Challenge 31: XSS XII Solution
64Challenge 32: XSS XIII Solution
65Challenge 33: XSS 14
66Challenge 33: XSS 14 Solution
67Challenge 34: XSS 15
68Challenge 34: XSS 15 Solution
69Challenge 35: XSS 16
70Challenge 35: XSS 16 Solution
71Challenge 36: XSS 17
72Challenge 36: XSS 17 Solution
73Google XSS Challenge 1
74Google XSS Challenge 2
75Google XSS Challenge 3
76Google XSS Challenge 4
77Google XSS Challenge 5
78Google XSS Challenge 6
12)Cross Site REquest Forgery - CSRF
95CSRF: If only all Pentests were this Easy!
96CSRF: Not All Links are Clickable
97CSRF: No he won't click your links!
98CSRF: How about a POST?
99CSRF: Would hate a predictable life!
100CSRF: Mutual Exclusivity is Important for Secrecy!
101CSRF: Wow! This just got hard!
102CSRF: We only hire after Reference Checks!
103CSRF: What's in a Name?
104CSRF: Custom Code is Always a Target!
105CSRF: O! Token Where do you hide?
106CSRF: The Web is Cross Domain :)
107CSRF: If only all Pentests were this Easy! (solution)
108CSRF: Not All Links are Clickable (solution)
109CSRF: No he won't click your links! (solution)
110CSRF: How about a POST? (solution)
111CSRF: Would hate a predictable life! (solution)
112CSRF: Mutual Exclusivity is Important for Secrecy! (solution)
113CSRF: Wow! This just got hard! (solution)
114CSRF: We only hire after Reference Checks! (solution)
115CSRF: What's in a Name? (solution)
116CSRF: Custom Code is Always a Target! (solution)
117CSRF: O! Token Where do you hide? (solution)
118CSRF: The Web is Cross Domain :) (solution)
13)Cross Origin Resource Sharing - CORS
14)Clickjacking
15)DOM Based Vulnerabilities
16)WEB Sockets
17)Insecure Deserilization
18)Server Side Template Injection
19)WEB Cache Poisoning
20)HTTP Host Header Attacks
21)HTTP Request Smuggling
22)OAuth Authentication
24) REDIRECTS
79Unvalidated Redirects: As Easy as it Gets
80Unvalidated Redirects: Decode Me!
81Unvalidated Redirects: Daisy Chains!
82Unvalidated Redirects: Hashing
83Unvalidated Redirects: Hash with a Predictable Salt
84Unvalidated Redirects: As Easy as it Gets (Solution)
85Unvalidated Redirects: Decode Me! (Solution)
86Unvalidated Redirects: No Hints this Time!
87Unvalidated Redirects: Salt is included FREE!
88Unvalidated Redirects: Security through Obscurity!
89Unvalidated Redirects: Daisy Chains! (Solution)
90Unvalidated Redirects: Hashing (Solution)
91Unvalidated Redirects: Hash with a Predictable Salt (solution)
92Unvalidated Redirects: No Hints this Time! (solution)
93Unvalidated Redirects: Salt is included FREE! (solution)
94Unvalidated Redirects: Security through Obscurity (solution)
25) HTML INJECTIONS
31Challenge 16: HTML Injection
32Challenge 17: HTML Injection II
33Challenge 18: HTML Injection III
34Challenge 19: HTML Injection IV
35Challenge 16: HTML Injection Solution
36Challenge 17: HTML Injection II Solution
37Challenge 18: HTML Injection III Solution
38Challenge 19: HTML Injection IV Solution
26) SESSION MANAGEMENT
17Challenge 9: Session ID Analysis
18Challenge 9: Session ID Analysis Solution
19Challenge 10: Session ID Analysis II
20Challenge 11: Session ID Analysis III
23Challenge 10: Session ID Analysis II Solutions
24Challenge 11: Session ID Analysis III Solution
1Section Introduction and Challenge 1
25Challenge 13: HTTP Forensics
26Challenge 13: HTTP Forensics Solutions
27Challenge 14: HTTP Traffic File Carving
28Challenge 14: HTTP Traffic File Carving Solution
29Challenge 15: HTTP Traffic File Carving II
30Challenge 15: HTTP Traffic File Carving II Solutions