Published On Jul 8, 2023
In this video, we cover Lab #1 in the Authentication module of the Web Security Academy. This lab is vulnerable to username enumeration and password brute-force attacks. It has an account with a predictable username and password, which can be found in the following wordlists:
Candidate usernames: https://portswigger.net/web-security/...
Candidate passwords: https://portswigger.net/web-security/...
To solve the lab, we enumerate a valid username, brute-force this user's password, then access their account page.
▬ ✨ Support Me ✨ ▬▬▬▬▬▬▬▬▬▬
Buy my course: https://academy.ranakhalil.com/p/web-...
▬ 📚 Contents of this video 📚 ▬▬▬▬▬▬▬▬▬▬
00:00 - Introduction
00:12 - Web Security Academy Course (https://bit.ly/30LWAtE)
01:23 - Navigation to the exercise
01:50 - Understand the exercise and make notes about what is required to solve it
02:24 - Exploit the lab
06:40 - Summary
07:13 - Thank You
▬ 🔗 Links 🔗 ▬▬▬▬▬▬▬▬▬▬
Notes.txt document: https://github.com/rkhal101/Web-Secur...
Web Security Academy Lab Exercise: https://portswigger.net/web-security/...
Rana's Twitter account: / rana__khalil