Complete Web Application Penetration Testing & Security

Description

This comprehensive course on Complete Web Application Penetration Testing & Security will deepen your understanding on this topic.

After successful completion of this course you can acquire the required skills in this sector. This Complete Web Application Penetration Testing & Security comes with accredited certification, which will enhance your CV and make you worthy in the job market.

So enrol in this course today to fast track your career ladder.

You may have to take a quiz or a written test online during or after the course. After successfully completing the course, you will be eligible for the certificate.

There is no experience or previous qualifications required for enrolment on this Complete Web Application Penetration Testing & Security. It is available to all students, of all academic backgrounds.

Our Complete Web Application Penetration Testing & Security is fully compatible with PC's, Mac's, Laptop, Tablet and Smartphone devices. This course has been designed to be fully compatible with tablets and smartphones so you can access your course on Wi-Fi, 3G or 4G.

There is no time limit for completing this course, it can be studied in your own time at your own pace.

Having these various qualifications will increase the value in your CV and open you up to multiple sectors such as Business & Management, Admin, Accountancy & Finance, Secretarial & PA, Teaching & Mentoring etc.

12 sections • 60 lectures • 14:18:00 total length

•About The Course: 00:03:00

•Web Attack Simulation Lab: 00:12:00

•Web application technologies 101 - PDF: 00:47:00

•HTTP Protocol Basics: 00:11:00

•Encoding Schemes: 00:13:00

•Same Origin Policy - SOP: 00:06:00

•HTTP Cookies: 00:11:00

•Cross-origin resource sharing: 00:05:00

•Web application proxy - Burp suite: 00:09:00

•Fingerprinting web server: 00:05:00

•DNS Analysis - Enumerating subdomains: 00:04:00

•Metasploit for web application attacks: 00:12:00

•Web technologies analysis in real time: 00:03:00

•Outdated web application to server takeover: 00:08:00

•BruteForcing Web applications: 00:06:00

•Shodan HQ: 00:07:00

•Harvesting the data: 00:05:00

•Finding link of target with Maltego CE: 00:09:00

•Cross Site Scripting- XSS - PDF: 00:34:00

•Cross site scripting: 00:07:00

•Reflected XSS: 00:14:00

•Persistent XSS: 00:11:00

•DOM-based XSS: 00:10:00

•Website defacement through XSS: 00:09:00

•XML Documents & database: 00:14:00

•Generating XSS attack payloads: 00:13:00

•XSS in PHP, ASP & JS Code review: 00:13:00

•Cookie stealing through XSS: 00:12:00

•Advanced XSS phishing attacks: 00:08:00

•Advanced XSS with BeEF attacks: 00:10:00

•Advanced XSS attacks with Burp suite: 00:08:00

•Code Review Guide: 03:11:00

•SQL Injection attacks - PDF: 00:45:00

•Introduction to SQL Injection: 00:16:00

•Dangers of SQL Injection: 00:05:00

•Hunting for SQL Injection vulnerabilities: 00:20:00

•In-band SQL Injection attacks: 00:27:00

•Blind SQL Injection attack in-action: 00:10:00

•Exploiting SQL injection - SQLMap: 00:09:00

•Fuzzing for SQL Injection - Burp Intruder: 00:14:00

•CSRF or XSRF attack methods: 00:12:00

•Anti-CSRF Token methods: 00:15:00

•Anti-CSRF token stealing-NOT easy: 00:11:00

•Authentication bypass-hydra: 00:11:00

•HTTP Verb Tampering: 00:09:00

•HTTP parameter pollution - HPP: 00:06:00

•Authentication: 00:10:00

•Client side control bypass: 00:10:00

•LFI & RFI attacks: 00:13:00

•Unrestricted file upload - content type: 00:06:00

•Unrestricted File Upload - Extension Type: 00:06:00

•Remote code execution using Shell Uploads: 00:09:00

•XXE attacks in action: 00:14:00

•Advanced Intruder attack types: 00:23:00

•Cross window messaging: 00:02:00

•Defense in depth applied to web app: 00:02:00

•Drupagedden: 00:02:00

•Finding details with open source: 00:17:00

•Out of band XXE: 00:02:00

•Website auditing: 00:02:00