HACKING OAuth 2.0 FOR BEGINNERS!

I'm a pentester and a bug bounty hunter who's learning everyday and sharing useful resources as I move along. Subscribe to my channel because I'll be sharing my knowledge in new videos regularly. SIGN UP ON Intigriti: http://go.intigriti.com/farah BUY ME A COFFEE: https://www.buymeacoffee.com/farahhawa TIME STAMPS: 00:00:45 - What is OAuth 2.0? 00:01:05 - Uses of OAuth 2.0 00:01:30 - Entities in OAuth 2.0 00:02:09 - Types of Flows of OAuth 2.0 00:02:30 - Authorization Code Grant Flow 00:04:11 - Implicit Grant Flow 00:05:11 - Practical Exploitation 00:05:36 - Reusing Access Tokens 00:07:05 - redirect_uri Not Validated 00:08:52 - CSRF SOCIAL MEDIA: Follow me on Twitter:   / farah_hawaa   Follow me on Instagram:   / farah_hawaa   Connect with me on LinkedIn:   / farah-hawa-a012b8162   OAuth 2.0 LAB: https://github.com/koenbuyens/Vulnera... OAuth 2.0 RESOURCES: https://www.digitalocean.com/communit... https://tools.ietf.org/html/rfc6749 https://auth0.com/docs/api-auth/which... https://alexbilbie.com/guide-to-oauth...    • LevelUp 0x02 - Hacking OAuth 2.0 For Fun A...   Video editor: https://www.fiverr.com/pixelstudios1

Join Today
HACKING postMessage() FOR BEGINNERS!
▶︎

HACKING postMessage() FOR BEGINNERS!

Hacking Oauth Applications - Pt. 1
▶︎

Hacking Oauth Applications - Pt. 1

Mastering OAuth 2.0 Flows: Complete Guide + Security Testing Tips (Okta OAuth Playground)
▶︎

Mastering OAuth 2.0 Flows: Complete Guide + Security Testing Tips (Okta OAuth Playground)

OAuth 2.0 for Hackers (Part 1): Easy Guide to Understanding the Basics
▶︎

OAuth 2.0 for Hackers (Part 1): Easy Guide to Understanding the Basics

An Illustrated Guide to OAuth and OpenID Connect
▶︎

An Illustrated Guide to OAuth and OpenID Connect

Most Devs Get API Authentication Wrong ?
▶︎

Most Devs Get API Authentication Wrong ?

OAuth 2.0 and OpenID Connect (in plain English)
▶︎

OAuth 2.0 and OpenID Connect (in plain English)

How To Learn Hacking - A Practical Demo
▶︎

How To Learn Hacking - A Practical Demo

7 Authentication Concepts Every Developer Should Know
▶︎

7 Authentication Concepts Every Developer Should Know

#NahamCon2024: OAuth Secret | @BugBountyReportsExplained
▶︎

#NahamCon2024: OAuth Secret | @BugBountyReportsExplained

I Made an Antivirus That Secretly Attacks Scammers
▶︎

I Made an Antivirus That Secretly Attacks Scammers

I Investigated a 10-Year-Old Scam Operation
▶︎

I Investigated a 10-Year-Old Scam Operation

oAuth for Beginners - How oauth authentication🔒 works ?
▶︎

oAuth for Beginners - How oauth authentication🔒 works ?

How hackers steal passwords with Wireshark
▶︎

How hackers steal passwords with Wireshark

Exploring OAuth 2.0: Must-Know Flows Explained
▶︎

Exploring OAuth 2.0: Must-Know Flows Explained

WEB CACHE DECEPTION FOR BEGINNERS!
▶︎

WEB CACHE DECEPTION FOR BEGINNERS!

#NahamCon2024: GraphQL is the New PHP | @0xlupin
▶︎

#NahamCon2024: GraphQL is the New PHP | @0xlupin

BYPASSING SAML AUTHENTICATION FOR BEGINNERS!
▶︎

BYPASSING SAML AUTHENTICATION FOR BEGINNERS!

How I Made $30,000 Hacking Broken Access Control
▶︎

How I Made $30,000 Hacking Broken Access Control

NoSQL INJECTION FOR BEGINNERS!
▶︎

NoSQL INJECTION FOR BEGINNERS!