ISSA Web Pen-testing Workshop – Part 7 – HTML & Javascript Injection
text to speech
Instructor: Jeremy Druin (webpwnized)
Twitter: @webpwnized
Thank you for watching. Please support this channel. Up vote, subscribe or even donate by clicking "Support" at https://www.youtube.com/user/webpwnized!
Tools Used: Mutillidae 2.5.7 (hxxp://sourceforge.net/projects/mutillidae/), Burp Suite 1.5 Free Edition
Recorded By: Adrian Crenshaw of irongeek.com
The KY ISSA hosted a one-day web application pen testing workshop. Part 9 covers cross site scripting via html and javascript injection. The Mutillidae 2.5 vulnerable web application, which is freely available on Sourceforge, was used as the target application. Mutillidae 2.5 is developed by Jeremy Druin (aka webpwnized). It contains 42 vulnerabilities in many different context. It is a free download.
The webpwnized YouTube channel is dedicated to information security, security testing and ethical hacking. There is an emphasis on web application security but many other topics are covers. Some of these include forensics, network security, security testing tools and security testing processes. The channel provides videos to encourage software developers and system administrators to perform security testing. Also, the channel educates the next generation of security testers and bug bounty hunters who want to respectfully, legally and ethically help system owners that allow security testing.
video, sharing, camera phone, video phone, free, upload
2013-05-21 15:42:00
source
Gloss