In this video, we cover Lab #1 in the CORS module of the Web Security Academy. The website has an insecure CORS configuration in that it trusts all origins. To solve the lab, we craft malicious JavaScript that uses CORS to retrieve the administrator's API key.
▬ ✨ Support Me ✨ ▬▬▬▬▬▬▬▬▬▬
Buy my course: [ Ссылка ]
▬ 📖 Contents of this video 📖 ▬▬▬▬▬▬▬▬▬▬
00:00 - Introduction
00:12 - Web Security Academy Course ([ Ссылка ])
01:23 - Navigation to the exercise
01:56 - Understand the exercise and make notes about what is required to solve it
03:00 - Exploit the lab
15:53 - Summary
16:23 - Thank You
▬ 🔗 Links 🔗 ▬▬▬▬▬▬▬▬▬▬
HTML script: [ Ссылка ]
Notes.txt document: [ Ссылка ]
Web Security Academy Exercise Link: [ Ссылка ]
Rana's Twitter account: [ Ссылка ]
