Genre: eLearning | Language: English + srt | Duration: 50 lectures (3h 38m) | Size: 1.20 GB
A Beginners’ guide to Practical Web Security.
What you’ll learn:
Students will learn Web Application Penetration Testing
Students will learn how to identify vulnerabilities in web applications
Students will learn how to exploit vulnerabilities identified in web applications
Students will learn how to prevent common vulnerabilities in web applications
Students will learn vulnerability categories covered in OWASP TOP 10 2017
Requirements
A computer with administrative access, if you want to follow the hands-on exercises.
Good to have knowledge of any one programming language.
Description
Are you a beginner and looking to break into the AppSec field? Don’t know where to start your Application Security journey? Curious to know what it takes to get started with Bug Bounties? Then, this course is a great start for you. This practical web application penetration testing course is suitable for beginners and it covers a wide range of common web application attacks. Once you get the foundations right, you can build your skills on your own from there. This entry level web security course also provides a custom web application developed in Java specifically for this course. In addition to it, the course also covers some challenges in a publicly available vulnerable web application. The course provides necessary background details to the concepts wherever necessary.
Following are some of the topics covered in this course:
Web Application Architecture
HTTP Requests and Responses
SQL Injection – Authentication Bypass
Manually Exploiting Error Based SQL Injection
SQLMap for exploiting SQL Injection
Cross Site Scripting – Reflected, Stored and DOM Based
Cross Site Request Forgery
Broken Cryptography
Access Control Issues
Arbitrary File Uploads
XPATH Injection
XML External Entity (XXE) Injection
Java Deserialization
Command Execution via Security Misconfigurations
Command Execution via outdate software
You will learn the following for most vulnerabilities discussed in the course.
Identifying a vulnerability
How to exploit an identified vulnerability
How to prevent the discussed vulnerability
NOTE: This is course is being updated and new content will be uploaded until all the advertised modules are covered.
Who this course is for
Bug bounty hunters
Penetration testers
Security Auditors
Red Team Operators
Web Application Developers
Anyone interested in security.
Reviews
There are no reviews yet.