Web Hacker's Toolbox - Tools Used by Successful Hackers

  • 30 Day Money Back Guarantee
  • Completion Certificate
  • 24/7 Technical Support

Highlights

  • On-Demand course

  • 3 hours

  • All levels

Description

An intermediate-level training that will help you learn how hackers find SQL injections with Sqlmap, test web application security with Google Hacking, fuzz with Burp Suite, and exploit race conditions with OWASP ZAP. You will learn how to use these tools in your penetration testing projects and to protect your web applications.

Ethical hackers and penetration testers need a very good toolbox to do their job efficiently. They also need to learn, step by step, how to use the tools in this toolbox, and that is exactly what this course delivers. In this course, we will demonstrate Sqlmap, which is the most powerful tool for automated SQL injection detection and exploitation. The course will also present Google Hacking and show you how it can be used to find security weaknesses in web applications. Later in the course, you will be introduced to fuzzing, a vulnerability detection technique used by many successful hackers, and shown how to perform fuzzing with Burp Suite Intruder. Finally, you will learn how to exploit race conditions with OWASP ZAP. Race conditions can lead to very dangerous attacks on modern web applications, and this is exactly what we will demonstrate in the later stages. By the end of this course, you will have worked with the tools used by successful hackers and can start using them in your own penetration testing projects.

What You Will Learn

  • Discover the tools used by successful hackers
  • Learn step-by-step how to use these tools in practice (DEMOS)
  • Find SQL injections within minutes with the help of Sqlmap
  • Detect security weaknesses with Google Hacking
  • Perform fuzzing with Burp Suite Intruder
  • Exploit race conditions with OWASP ZAP

Audience

This course is ideal for all penetration testers, ethical hackers, bug hunters, and security engineers/consultants who want to enhance and refresh their knowledge of pentesting and hacking.
This course is for intermediate levels and basic hacking skills are required to get the most out of this course. There will be no video dedicated to any kind of installation.

Approach

This is a highly practical and hands-on course on pentesting. The step-by-step approach of using these hacking tools along with real-world case studies will help you align with the market. The theories shown in the videos are concise and crisp, followed by direct implementation. There will be tips and tricks shared by the experienced author that you will follow throughout the course's journey.

Key Features

  • Learn from one of the top hackers at HackerOne and use tools in your own penetration testing projects
  • Highly practical and hands-on course filled with real-world examples wherever possible
  • A dedicated section on OWASP ZAP that shows a bunch of real-world scenarios step-by-step using the tool

About the Author

Dawid Czagan

Dawid Czagan is an internationally recognized security researcher and trainer. He is listed among the top hackers at HackerOne. Dawid Czagan has found security vulnerabilities in Google, Yahoo, Mozilla, Microsoft, Twitter, and other companies. Due to the severity of many bugs, he received numerous awards for his findings. Dawid Czagan shares his security experience in his hands-on training at key industry conferences worldwide. He is the founder and CEO of Silesia Security Lab.

Course Outline

1. Introduction to the Course

1. Introduction

This video provides an overview of the course and the structure it will follow.


2. How Hackers Find SQL Injections in Minutes with Sqlmap

1. Introduction

This video provides an overview of the section.

2. The Basics of Sqlmap - Overview

This video provides an overview of the basics of Sqlmap.

3. The Basics of Sqlmap - Demo

This is a demo video of the basics of Sqlmap.

4. Dumping Database Table Entries - Overview

This video provides an overview of how to dump database table entries.

5. Dumping Database Table Entries - Demo

This is a demo video on how to dump database table entries.

6. From SQL Injection to Remote Code Execution - Overview

This video provides an overview of how to go from SQL injection to remote code execution.

7. From SQL Injection to Remote Code Execution - Demo

This is a demo video that shows how to go from SQL injection to remote code execution.

8. More Advanced Testing with Sqlmap - Overview

This video provides an overview of more advanced testing with Sqlmap.

9. More Advanced Testing with Sqlmap - Demo

This is a demo video of more advanced testing with Sqlmap.

10. Bypassing Web Application Firewalls - Overview

This video provides an overview of how to bypass web application firewalls.

11. Bypassing Web Application Firewalls - Demo

This is a demo video that shows how to bypass web application firewalls.

12. Summary

This video helps you with the summary of this section.


3. Web Application Security Testing with Google Hacking

1. Introduction

This video provides an introduction to the section.

2. Google Hacking: Finding Directory Listings

This video talks about how to find directory listings using Google Hacking.

3. Google Hacking: Finding SQL Syntax Errors

This video talks about how to find SQL syntax errors using Google Hacking.

4. Google Hacking: Finding Publicly Exposed Backup Files

This video talks about how to find publicly exposed backup files using Google Hacking.

5. Google Hacking: Finding Internal Server Errors

This video talks about how to find internal server errors using Google Hacking.

6. Google Hacking: Finding Sensitive Data in URLs

This video talks about how to find sensitive data in URLs using Google Hacking.

7. Google Hacking: Finding Insecure HTTP Web Pages

This video talks about how to find insecure HTTP web pages using Google Hacking.

8. Google Hacking Database

This video explains the Google Hacking Database.

9. Case Study: Microsoft Yammer Social Network

This is a case study of the security testing of Microsoft Yammer social network.

10. How to Prevent Google Indexing from Happening

This video demonstrates how to prevent Google Indexing from happening.

11. Summary

This video helps you with the summary of the entire section.


4. Fuzzing with Burp Suite Intruder

1. The Basics of Fuzzing

This video provides basic knowledge of fuzzing.

2. Fuzzing with Burp Suite Intruder - Overview

This video provides you with an overview of fuzzing with the help of Burp Suite Intruder.

3. Fuzzing for SQL Injection - Demo

This is a demo video on how to fuzz for SQL injection.

4. Fuzzing for Path Traversal - Demo

This is a demo video on fuzzing for path traversal.

5. Fuzzing with Burp Suite Intruder - Tips and Tricks

This video gives you tips and tricks on fuzzing with Burp Suite Intruder. You will learn some advanced tricks that can be used in your own projects as well.


5. Exploiting Race Conditions with OWASP ZAP

1. Introduction

This video provides an introduction to the section.

2. Exploiting Race Conditions - Case 1 (Part1)

This is the first part of the two-part video on exploiting race conditions for case 1. Here, you will look at how hackers use multithreading conditions for stealing money from a bank.

3. Exploiting Race Conditions - Case 1 (Part2)

This is the second part of the two-part video on exploiting race conditions for case 1. Here, you will look at how hackers use another race condition for stealing money from a bank.

4. Exploiting Race Conditions - Case 2

This video explains exploiting race conditions for case 2. Here, you will look at how hackers reuse a one-time discount code.

5. Case Studies of Award-Winning Race Condition Attacks

This video explains some case studies of award-winning race condition attacks.

Course Content

  1. Web Hacker's Toolbox - Tools Used by Successful Hackers

About The Provider

Packt
Birmingham
Founded in 2004 in Birmingham, UK, Packt’s mission is to help the world put software to work in new ways, through the delivery of effective learning and i...