CORS - Lab #1 CORS vulnerability with basic origin reflection | Long Video

In this video, we cover Lab #1 in the CORS module of the Web Security Academy. The website has an insecure CORS configuration in that it trusts all origins. To solve the lab, we craft malicious JavaScript that uses CORS to retrieve the administrator's API key.

▬ ✨ Support Me ✨ ▬▬▬▬▬▬▬▬▬▬
Buy my course: https://bit.ly/30LWAtE

▬ 📖 Contents of this video 📖 ▬▬▬▬▬▬▬▬▬▬
00:00 - Introduction
00:12 - Web Security Academy Course (https://bit.ly/30LWAtE)
01:23 - Navigation to the exercise
01:56 - Understand the exercise and make notes about what is required to solve it
03:00 - Exploit the lab
15:53 - Summary
16:23 - Thank You

▬ 🔗 Links 🔗 ▬▬▬▬▬▬▬▬▬▬
HTML script: https://github.com/rkhal101/Web-Secur...
Notes.txt document: https://github.com/rkhal101/Web-Secur...
Web Security Academy Exercise Link: https://portswigger.net/web-security/...
Rana's Twitter account:   / rana__khalil