Learn Web Application Penetration Testing From Scratch
Learn to exploit web application vulnerabilities methodically
Updated on Apr, 2024
Language - English
Cyber Security,Penetration Testing,IT & Software,Network & Security
Lectures -23
Resources -1
Duration -3.5 hours
30-days Money-Back Guarantee
Get your team access to 10000+ top Tutorials Point courses anytime, anywhere.
Course Description
In this ethical hacking course you'll learn how to exploit the vulnerabilities found in web applications and web servers following the OWASP Testing Guide framework, used by companies all over the world to perform web penetration testing engagements. A vulnerable virtual machine, Web Sec Target Practice, is provided with the course for you to practice the various phases of the penetration testing engagement.
We'll predominantly use the Burp Suite Community edition and open source Kali tools throughout the entire course to test the infrastructure of the web server, brute force authentication forms, tamper with header attributes, perform XSS, SQL, command injections and other types of injections. We'll also develop a buffer overflow exploit step by step.
Goals
What will you learn in this course:
What will students achieve or be able to do after taking your course?
- You will be able to perform a web penetration testing engagement from start to finish
- You will be able to discover and exploit web application vulnerabilities
Prerequisites
What are the prerequisites for this course?
What knowledge & tools are required?
- A fairly powerful PC to handle the Kali and the vulnerable virtual machine concurrently, 8GB RAM is recommended, a i5 processor
- Knowledge of web technologies like SQL, HTML, JavaScript, PHP
- Knowledge of the HTTP protocol
- Knowledge of Linux, the bash command line
- Dedication, patience and persistence
Curriculum
Check out the detailed breakdown of what’s inside the course
Course Introduction
2 Lectures
-
Course Introduction
04:41
04:41
-
Setting Up The Environment, Burp Suite Configuration
10:49
10:49
Information Gathering, Error Handling & Configuration testing
4 Lectures
Authentication & Authorization Testing
3 Lectures
Session Management Testing
2 Lectures
Input Validation Testing: XSS, SQLi, Command Injection
6 Lectures
Weak Cryptography & Business Logic Testing
4 Lectures
Client Side Testing
1 Lectures
Course End
1 Lectures
Instructor Details
Adriano Gattabuia
Amo lo studio ed ho lavorato sia come sviluppatore software che come penetration tester negli ultimi sei anni.
Ho iniziato ad insegnare su Udemy tramite il progetto Prime Radiant Security all'inizio del 2018.
Ho divorato centinaia di videocorsi e libri per tutta la vita, sono qui a condividere un'estensione delle conoscenze nate anche da problemi risolti efficientemente nella vita reale.
Credo che la teoria e la pratica debbano essere scrupolosamente equilibrate per evitare caotici approfondimenti da una parte ed evitare la noia e la frustrazione dall'altra.
I've been studying for a lifetime and have been working as both a software developer and as a penetration tester for the past six years.
I've started teaching through the Prime Radiant Security project at the start of 2018.
I have devoured tons of video courses and books in my life, I'm here to share an extension of the knowledge born out of real life problems I have managed to solve, in the most efficient way possible.
I believe that theory and practice should be carefully balanced in order to avoid further research to understand specific subjects on one hand and to avoid boredom or frustration on the other.
Course Certificate
Use your certificate to make a career change or to advance in your current career.
Our students work
with the Best
Related Video Courses
View MoreAnnual Membership
Become a valued member of Tutorials Point and enjoy unlimited access to our vast library of top-rated Video Courses
Subscribe now
Online Certifications
Master prominent technologies at full length and become a valued certified professional.
Explore Now