z3nsh3ll
Freelance hacker bringing you the absolute coolest whitehat cyber security and webdev tutorials.
Variables in JavaScript - Webdev JavaScript Course - Part 5
WebSockets - Manipulating WebSocket Messages to Exploit Vulnerabilities
CSRF - SameSite Strict Bypass via Client-Side Redirect
CSRF - SameSite Lax Bypass via Method Override
CSRF - CSRF where Token is Duplicated in Cookie
Troubleshooting JavaScript - Webdev JavaScript Course Part 4
CSRF - CSRF where token is tied to non-session cookie
Webdev JavaScript Part 3 - A First Splash into JavaScript
Webdev Javascript Course with z3nsh3ll - Part 1 - Intro
What is JavaScript? - Webdev Javascript Course Part 2
CSRF Where Token is Not Tied to User Session
CSRF Where Token Validation Depends on Token Being Present
CSRF Where Token Validation Depends on Request Method
Business Logic Vulnerability - Authentication Bypass via Encryption Oracle
Business Logic Vulnerability - Infinite Money Logic Flaw
Business Logic - Authentication Bypass via Flawed State Machine
Business Logic - Insufficient Workflow Validation
Business Logic Vulnerabilities - Weak Isolation on Dual-Use Endpoint
Business Logic Vulnerability - Inconsistent Handling of Exceptional Input
Business Logic Vulnerability - Low-level Logic Flaw
Business Logic Vulnerability - Flawed Enforcement of Business Rules
Business Logic Vulnerability - Inconsistent Security Controls
Business Logic Vulnerability - High Level Logic Vulnerability
Business Logic - Excessive Trust in Client Side Controls
Information Disclosure in Version Control History
Information Disclosure - Authentication Bypass Via Information Disclosure
Information Disclosure - Source Code Disclosure Via Backup Files
Information Disclosure on Debug Page
Information Disclosure in Error Messages
Final Tips - Core CSS Mastery 6.5