Web Application Penetration Testing Course with Kali Linux

This course is divided into five parts, the first part we will learn about how to create your own home virtual lab. It’s strongly recommended to test your knowledge on a testing lab and not production systems, to avoid any damage that may affect the production systems.

We will learn how to install Kali Linux, which is the operating system we are going to use during our web application penetration testing tutorials, as Kali Linux is a tool kit that includes more than 300 penetration testing tools.

Kali Linux can be installed using an ISO file, or using a pre-built disk image. We are going to learn both ways of installing Kali. After that, we will learn more about the vulnerable web application we are going to use, “Damn Vulnerable Web Application” or DVWA. This is a vulnerable web application as the name suggests that you can use to learn about various attacks and the correct usage of different penetration testing tools like Burp Suite, SQLMAP, etc.

Next, in the second part of this tutorial, we will discuss the phases of any penetration testing process conducted on any web application or website. We will learn all about penetration testing and what are the techniques and tools that are used during penetration testing. I will give you the best practices in penetration testing and advise you about different standards such as NIST and frameworks such as MITRE Attack Framework, and that will guide you much during your penetration testing.

In the third part, we are going to have an overview of Kali Linux Penetration Testing Tools. How these tools are categorized and how to use the most common tools in your penetration testing journey.

In the fourth part of this tutorial, we are going to discuss various attacks that you must test in any web application you are testing, including file inclusion attacks, SQL injection attacks, Command execution attacks, etc.

In the final part of this tutorial, we are going to cover the most common tools we use in our penetration testing journey as shown in the table on the right.

That being said, we will cover various techniques and methodologies to identify and exploit vulnerabilities in web applications.

I hope you will gain valuable insights and practical knowledge that will assist you in securing web applications and protecting them from potential attacks.

Looking forward to hearing from you if you have any comments. Thanks.