Learn Web Application Penetration Testing From Scratch
Learn to exploit web application vulnerabilities methodically
Cyber Security,Penetration Testing,IT & Software,Network & Security
Lectures -23
Resources -1
Duration -3.5 hours
30-days Money-Back Guarantee
Get your team access to 10000+ top Tutorials Point courses anytime, anywhere.
Course Description
In this ethical hacking course you'll learn how to exploit the vulnerabilities found in web applications and web servers following the OWASP Testing Guide framework, used by companies all over the world to perform web penetration testing engagements. A vulnerable virtual machine, Web Sec Target Practice, is provided with the course for you to practice the various phases of the penetration testing engagement.
We'll predominantly use the Burp Suite Community edition and open source Kali tools throughout the entire course to test the infrastructure of the web server, brute force authentication forms, tamper with header attributes, perform XSS, SQL, command injections and other types of injections. We'll also develop a buffer overflow exploit step by step.
Goals
What will students achieve or be able to do after taking your course?
- You will be able to perform a web penetration testing engagement from start to finish
- You will be able to discover and exploit web application vulnerabilities
Prerequisites
What knowledge & tools are required?
- A fairly powerful PC to handle the Kali and the vulnerable virtual machine concurrently, 8GB RAM is recommended, a i5 processor
- Knowledge of web technologies like SQL, HTML, JavaScript, PHP
- Knowledge of the HTTP protocol
- Knowledge of Linux, the bash command line
- Dedication, patience and persistence
Curriculum
Check out the detailed breakdown of what’s inside the course
Course Introduction
2 Lectures
- Course Introduction 04:41 04:41
- Setting Up The Environment, Burp Suite Configuration 10:49 10:49
Information Gathering, Error Handling & Configuration testing
4 Lectures
Authentication & Authorization Testing
3 Lectures
Session Management Testing
2 Lectures
Input Validation Testing: XSS, SQLi, Command Injection
6 Lectures
Weak Cryptography & Business Logic Testing
4 Lectures
Client Side Testing
1 Lectures
Course End
1 Lectures
Instructor Details
Adriano Gattabuia
Course Certificate
Use your certificate to make a career change or to advance in your current career.
Our students work
with the Best
Related Video Courses
View MoreAnnual Membership
Become a valued member of Tutorials Point and enjoy unlimited access to our vast library of top-rated Video Courses
Subscribe nowOnline Certifications
Master prominent technologies at full length and become a valued certified professional.
Explore Now