Basics Of Web Application Penetration Testing

This short course aims to familiarize you with the basics of web application and penetration testing
3.2 (50 ratings)
983 students enrolled
$20
  • Lectures 29
  • Contents Video: 2.5 hours
  • Skill Level All Levels
  • Languages English
  • Includes Lifetime access
    30 day money back guarantee!
    Available on iOS and Android
    Certificate of Completion

About This Course

Published 5/2014 English

Course Description

A verifiable Certificate of Completion is presented to all students who complete this course.


This short course aims to familiarize you with the basics of web application and penetration testing. However, we go a step further and explain the real-life scope and application of this course. Once you have gone through the basics, you will gain control over a particular area of online security as your soon-to-be area of expertise.

In this course, we will take you through an array of manual penetration testing techniques. No understanding of special tools or third-party app downloads is required to get started. The focus of this course is manual testing, applied to real-life internet security scenarios. Besides, whatever you learn through manual penetration testing is far better than automated tools etc.

What are the requirements?

  • Working Internet Connection
  • Basic IT Skills

What am I going to get from this course?

  • In this course, you will learn how to pentest any web application
  • You will learn how to make your own Google dorks and some advanced Google dorking techniques
  • You will learn how to find subdomains of any website
  • You will learn how to find cross-site scripting vulnerabilities by analysing the output source code
  • You will learn about SQL injection techniques
  • You will learn how to detect CSRF vulnerabilities manually
  • You will learn all OWASP Top 10 vulnerabilities
  • You will see all real-life examples, e.g. vulnerabilities I found in big tech companies like Yahoo, Parse, etc.

What is the target audience?

  • You
  • Students
  • Web Masters
  • Web Developers
  • Computer Geeks
  • IT Security Professionals
  • Anyone Who Is Interested In Securing Web Applications

Curriculum

Section 1: INTRODUCTION
  • Caution (00:10)
  • About Course (01:31)
  • Introduction To Web Application Penetration Testing (05:32)
  • Introduction To OWASP (02:00)

Section 2: GETTING STARTED
  • Setting Up Security Testing Machine Part 1 (06:20)
  • Setting Up Security Testing Machine Part 2 (04:24)

Section 3: SVWA (Suruji Vulnerable Web Application) Installation
  • SVWA OSX or Linux Installation (11:12)
  • SVWA Windows Installation (11:23)

Section 4: GOOGLE HACKING AND GOOGLE DORKS
  • Google Dorking (05:49)
  • Finding Subdomains (06:26)

Section 5: INJECTION
  • Basic Of SQL Injection (01:26)
  • Basic SQL Injection With Login Query (04:08)
  • Union Based SQL Injection (06:07)

Section 6: BROKEN AUTHENTICATION AND SESSION MANAGEMENT
  • Basics Of Broken Authentication And Session Management (01:20)
  • Authentication Bypass With Bruteforce (07:39)
  • Username Enumeration (04:32)

Section 7: CROSS SITE SCRIPTING (XSS)
  • Getting Start with XSS (02:56)
  • Reflected XSS (06:43)
  • Browser Based Xss (08:01)

Section 8: INSECURE DIRECT OBJECT REFERENCES
  • Basics Of Insecure Direct Object References (07:18)

Section 9: SECURITY MISCONFIGURATION
  • Basic Of Security MisConfiguration (06:54)

Section 10: SENSITIVE DATA EXPOSURE
  • Introduction To Sensitive Data Exposure (01:55)
  • Clickjacking (04:31)

Section 11: MISSING FUNCTIONAL LEVEL ACCESS CONTROL
  • Basics Of Functional Level Access Control (07:13)

Section 12: USING COMPONENT WITH KNOWN VULNERABILITY
  • Getting Start With Components With Known Vulnerability (03:18)

Section 13: CROSS SITE REQUEST FORGERY (CSRF/XSRF)
  • Cross Site Request Forgery (04:31)
  • Cross Site Request Forgery Bypass (04:31)

Section 14: UNVALIDATED REDIRECTS AND FORWARDS
  • Basics On Unvalidated Redirect And Forwards (03:14)

Section 15: BUSINESS LOGIC VULNERABILITIES
  • What Is Business Logical Issues? (04:24)

Section 16: CONCLUSION

Instructor Biography

Atulkumar Shedage, Instructor at Suruji

Hello there, I am Atul Shedage; some of you may know me as the core course instructor at Suruji.com. However, it took me several years of hard work, willingness and a sheer sense of self-teaching methodologies to found this platform.

With 4 years of experience in internet security, and a series of endorsements and acknowledgements from popular companies, such as, but not limited to:

  • Google
  • Facebook
  • Yahoo
  • Twitter
  • iFixit
  • BugCrowd
  • And Many More

My intention is to motivate youngsters who have no direction when it comes to choosing online security as a full-time career. As co-founder and instructor at Suruji.com, I am taking part in imparting knowledge to today’s enthusiasts who would later on become an asset to the World Wide Web community.
