#Vulnerability Testing

Explore application security practices in smart contract auditing, focusing on Solidity, common vulnerabilities, security tools, and the growing market for blockchain security engineers.

Add to list

16 Lesons

48 minutes

On-Demand

Free-Video

Bugcrowd

Critical Security Issues and Trends for 2017

Explore critical security trends with industry experts, covering IoT vulnerabilities, crowdsourced testing, AI impacts, and evolving threats to prepare for the cybersecurity landscape of 2017.

Add to list

8 Lesons

1 hour 4 minutes

On-Demand

Free-Video

Purple Team Strategies for Application Security

Explore purple team strategies for application security, blending red and blue team approaches to enhance vulnerability testing, automation, and security infrastructure integration.

Add to list

30 Lesons

34 minutes

On-Demand

Free-Video

Linux Foundation

How to Effectively Test Transient Execution Mitigations

Explore transient execution vulnerability testing methods, challenges, and future improvements for effective mitigation in software and hardware systems.

Add to list

14 Lesons

30 minutes

On-Demand

Free-Video

Hackazon: Stop Hacking Like It's 1999

Explore Hackazon, a modern vulnerable web app for testing security skills. Learn about its AJAX interface, RESTful APIs, and configurable vulnerabilities that challenge both automated scanners and manual pentesters.

Add to list

1 Lesons

55 minutes

On-Demand

Free-Video

OWASP Broken Web Applications - Future Developments Beyond Version 1.0

Explore OWASP's virtual machine with 25+ vulnerable web applications for security training and testing. Learn about project features and future developments in web application security.

Add to list

1 Lesons

49 minutes

On-Demand

Free-Video

CNCF [Cloud Native Computing Foundation]

Security Does Not Need to Be Fun - Ignoring OWASP to Have a Terrible Time

Explore OWASP's free tools and resources for designing and implementing secure web applications, addressing common security challenges in the software development lifecycle.

Add to list

17 Lesons

28 minutes

On-Demand

Free-Video

Azure Vulnerability Testbed (AzGOAT) - Understanding and Hardening Azure Security

Explore Azure security vulnerabilities and defenses with AzGOAT, a lab environment for understanding attack surfaces, designing secure solutions, and minimizing threats in Azure environments.

Add to list

1 Lesons

47 minutes

On-Demand

Free-Video

Hack In The Box Security Conference

Hunting for Amazon Cognito Security Misconfigurations

Explore Amazon Cognito security misconfigurations, learn testing techniques for audits and bug bounty hunting, and discover mitigation strategies through a real-world account takeover case study.

Add to list

1 Lesons

39 minutes

On-Demand

Free-Video

WEareTROOPERS

Vulnerability Testing, a Case Study

Explore vulnerability testing through a real-world case study, gaining insights into effective security assessment techniques and practical application of testing methodologies.

Add to list

1 Lesons

23 minutes

On-Demand

Free-Video

Compression Bombs Strike Back

Explore data compression risks, HTTP vulnerabilities, and server attack techniques in this comprehensive security analysis of compression-related threats.

Add to list

20 Lesons

39 minutes

On-Demand

Free-Video

WEareTROOPERS

Implementing an USB Host Driver Fuzzer

Explore USB host driver fuzzing techniques, covering USB basics, security implications, and practical implementation steps for effective vulnerability discovery.

Add to list

20 Lesons

44 minutes

On-Demand

Free-Video

Hack in Paris

Beyond OWASP Top 10 by Aaron Hnatiw - Hack in Paris - 2017

Explore 5 dangerous web vulnerabilities beyond OWASP Top 10, covering exploits and mitigations for both developers and pentesters to enhance application security.

Add to list

14 Lesons

45 minutes

On-Demand

Free-Video

FIESTA - An HTTPS Side-Channel Party

Explore HTTPS side-channel vulnerabilities and a new tool, FIESTA, for testing and exploiting these issues. Learn about a novel side-channel affecting major tech companies and its implications for online security.

Add to list

22 Lesons

42 minutes

On-Demand

Free-Video

OWASP IoTGoat Project Overview and Roadmap

Explore IoTGoat, an OWASP project for IoT security testing. Learn about hardware compatibility, vulnerabilities, and hands-on techniques like firmware extraction and password cracking.

Add to list

14 Lesons

36 minutes

On-Demand

Free-Video

SweynTooth - Unleashing Mayhem over Bluetooth Low Energy

Explores vulnerabilities in Bluetooth Low Energy protocol implementations, presenting a systematic fuzzing framework that discovered 11 new vulnerabilities across various devices and IoT products.

Add to list

16 Lesons

25 minutes

On-Demand

Free-Video

0xdade

IOT RCE - A Study With Disney

Explore IoT device vulnerabilities using Disney's Circle and Foscam as case studies. Learn novel attack techniques, including SSL bypasses, SSID injection, and cloud routing abuse. Discuss IoT devices' use of offensive tools.

Add to list

1 Lesons

50 minutes

On-Demand

Free-Video

Black Hat

Auditing the Compression Algorithm Weapon Cache

Explore decompression bomb attacks, their impact on applications, and strategies for prevention. Learn about various compression algorithms and their vulnerabilities in this security-focused presentation.

Add to list

32 Lesons

28 minutes

On-Demand

Free-Video

BSidesLV

Defeating Machine Learning - Systemic Deficiencies for Detecting Malware

Explore systemic vulnerabilities in machine learning for malware detection, covering sandbox evasion, model problems, and potential solutions for improved cybersecurity.

Add to list

21 Lesons

45 minutes

On-Demand

Free-Video

Lowering the USB Fuzzing Barrier by Transparent Two-Way Emulation

Innovative USB testing framework enabling cost-effective, flexible analysis and modification of USB communication. Introduces two-way emulation for enhanced fuzzing and vulnerability detection.

Add to list

1 Lesons

19 minutes

On-Demand

Free-Video

Black Hat

The Defense Rests - Automation and APIs for Improving Security

Explore automation and APIs for enhancing security through centralized management, testing, and evidence-driven approaches. Learn to leverage open-source tools and protocols for efficient vulnerability detection and faster recovery.

Add to list

13 Lesons

27 minutes

On-Demand

Free-Video

Recon Conference

How to Hack Shannon Baseband

Explore remote baseband vulnerabilities in Samsung modems, including attack surface analysis, bug discovery, testing methods, and potential exploitation techniques for mobile network security.

Add to list

1 Lesons

54 minutes

On-Demand

Free-Video

Intro to Fuzzing for Fun and Profit

Explore fuzzing techniques for software security, covering tools like AFL and Python fuzzers, memory error detection, debugging strategies, and advanced fuzzing methods.

Add to list

31 Lesons

45 minutes

On-Demand

Free-Video

EuroPython Conference

Ethical Hacking with Python Tools

Explore ethical hacking using Python tools for security testing, vulnerability analysis, and pentesting. Learn to develop custom security tools and conduct demonstrations on target domains.

Add to list

28 Lesons

40 minutes

On-Demand

Free-Video

NDC Conferences

How to Hack Your Own Mobile App

Learn techniques to identify and mitigate security vulnerabilities in Xamarin-based mobile apps, focusing on OWASP Mobile Top 10 threats and practical defense strategies.

Add to list

10 Lesons

49 minutes

On-Demand

Free-Video

Black Hat

Fuzzing and Breaking Security Functions of SIMATIC PLCs

Explore techniques for cracking TLS protocols, conducting security protocol fuzzing, and analyzing vulnerabilities in Siemens S7-1500/S7-1200 PLCs, with practical demonstrations of exploiting and controlling these industrial devices.

Add to list

1 Lesons

29 minutes

On-Demand

Free-Video

Bugcrowd

Web API Testing: Fundamentals and Best Practices

Learn to test for API vulnerabilities and explore OWASP guidelines in this practical tutorial on identifying and addressing web API security issues.

Add to list

1 Lesons

30 minutes

On-Demand

Free-Video

DEFCONConference

Automotive USB Fuzzing: Efficient Methods and Real-World Vulnerabilities

Dive into automotive USB fuzzing techniques and discover efficient methods for testing vehicle vulnerabilities through direct USB connections, featuring real-world case studies and practical demonstrations.

Add to list

17 Lesons

38 minutes

On-Demand

Free-Video

Fuzzing_in - Hardik Shah

Snapshot Fuzzing with WTF Fuzzer - Techniques and Implementation

Master snapshot fuzzing with WTF Fuzzer. Configure Hyper-V, use Windbg and Bdump.js for snapshotting, develop harnesses, and fuzz C programs. Enhance your software security skills through hands-on practice.

Add to list

9 Lesons

39 minutes

On-Demand

Free-Video

Towards Generic Database Management System Fuzzing

Discover how BUZZBEE framework revolutionizes database security testing by effectively fuzzing both SQL and NoSQL systems, revealing vulnerabilities and achieving superior code coverage compared to existing solutions.

Add to list

1 Lesons

12 minutes

On-Demand

Free-Video

Vulnerability-oriented Testing for RESTful APIs