Student Reviews
( 5 Of 5 )
1 review
Video of Broken Authentication and SQL Injection OWASP Juice Shop TryHackMe in Web PenTesting course by Motasem Hamdan channel, video No. 8 free certified online
Cyber Security Certification Notes & Cheat Sheets
https://buymeacoffee.com/notescatalog/extras
(2nd link) Cyber Security Certification Notes & Cheat Sheets
https://shop.motasem-notes.net/collections/cyber-security-study-notes
Cyber Security Notes Membership Access
https://buymeacoffee.com/notescatalog/membership
Cybersecurity Direct Coaching & Mentoring
https://shop.motasem-notes.net/collections/coaching-and-mentoring-programs
Download FREE Cyber Security 101 Study Notes
https://buymeacoffee.com/notescatalog/e/290985
Get Strategic cyber security and tech insights weekly to your email by joining my newsletter below
https://buymeacoffee.com/notescatalog/membership
Blog Writeups
https://www.motasem-notes.net
In this video walkthrough, we covered broken authentication and SQL injection walkthrough as part of OWASP Juice Shop from TryHackMe
OWASP Juice Shop TryHackMe
https://tryhackme.com/room/owaspjuiceshop
Blog Post
https://motasem-notes.net/tryhackme-owasp-juice-shop-the-complete-guide/
Store
https://buymeacoffee.com/notescatalog/extras
Patreon
https://www.patreon.com/motasemhamdan
Instagram
https://www.instagram.com/motasem.hamdan.tech/
Google Profile
https://maps.app.goo.gl/eLotQQb7Dm6aiL8z6
LinkedIn
[1]: https://www.linkedin.com/in/motasem-hamdan-7673289b/
[2]: https://www.linkedin.com/in/motasem-eldad-ha-bb42481b2/
Instagram
https://www.instagram.com/mastermindstudynotes/
Twitter
https://twitter.com/ManMotasem
Facebook
https://www.facebook.com/motasemhamdantty/
0:01 - Introduction to OWASP Juice Shop on TryHackMe
0:10 - Overview of Juice Shop Tasks and SQL Injection
0:33 - Task 1: SQL Injection to Login as Administrator
1:20 - Setting Up Burp Suite Intercept for SQL Injection Testing
2:05 - Demonstrating SQL Injection Bypass for Admin Access
4:05 - Logging into Admin Account and Copying the Flag
5:13 - Task 2: Logging into Vendor Account with SQL Injection
6:18 - Using Burp Suite for SQL Injection on Vendor Login
7:24 - Successfully Logging into Vendor Account
8:00 - Task 3: Brute-Forcing Admin Password with Intruder
8:42 - Setting Up Intruder Payloads for Password Brute-Force
10:07 - Identifying Successful Password from HTTP Response Code
10:23 - Task 4: Resetting Jim's Password via Security Question
10:39 - Attempting Password Reset by Answering Security Question
12:03 - Researching Security Question Answer Using Star Trek Reference
13:00 - Resetting Jim's Password and Retrieving Flag
13:20 - Summary of SQL Injection and Broken Authentication Vulnerabilities
13:36 - Next Steps: Further OWASP Juice Shop Tasks