Find online courses made by experts from around the world.
Take your courses with you and learn anywhere, anytime.
Learn and practice real-world skills and achieve your goals.
A verifiable Certificate of Completion is presented to all students who complete this course.
This short aims at familiarizing you to the basics of web application and penetration testing. However, we take a step further to explain the real life scope and application of this course. Once you have gone through the basics, you will gain control over a particular area of online security as your soon-to-be area of expertise.
In this course, we will take you through an array of manual penetration testing techniques. No understanding of special tools, or third party app download is required to get started. The focus of this course is manual testing, with their application applicable to real life internet security based scenarios. Besides, whatever you will learn throughout manual penetration testing courses, it is far better than automated tools etc.
Not for you? No problem.
30 day money back guarantee.
Learn on the go.
Desktop, iOS and Android.
Certificate of completion.
|Section 1: INTRODUCTION|
Introduction To Web Application Penetration TestingPreview
Introduction To OWASPPreview
|Section 2: GETTING STARTED|
Setting Up Security Testing Machine Part 1Preview
Setting Up Security Testing Machine Part 2
|Section 3: SVWA (Suruji Vulnerable Web Application) Installation|
SVWA OSX or Linux Installation
SVWA Windows Installation
|Section 4: GOOGLE HACKING AND GOOGLE DORKS|
|Section 5: INJECTION|
Basic Of SQL Injection
Basic SQL Injection With Login Query
Union Based SQL Injection
|Section 6: BROKEN AUTHENTICATION AND SESSION MANAGEMENT|
Basics Of Broken Authentication And Session Management
Authentication Bypass With Bruteforce
|Section 7: CROSS SITE SCRIPTING (XSS)|
Getting Start with XSS
Browser Based Xss
|Section 8: INSECURE DIRECT OBJECT REFERENCES|
Basics Of Insecure Direct Object References
|Section 9: SECURITY MISCONFIGURATION|
Basic Of Security MisConfiguration
|Section 10: SENSITIVE DATA EXPOSURE|
Introduction To Sensitive Data Exposure
|Section 11: MISSING FUNCTIONAL LEVEL ACCESS CONTROL|
Basics Of Functional Level Access Control
|Section 12: USING COMPONENT WITH KNOWN VULNERABILITY|
Getting Start With Components With Known Vulnerability
|Section 13: CROSS SITE REQUEST FORGERY (CSRF/XSRF)|
Cross Site Request Forgery
Cross Site Request Forgery Bypass
|Section 14: UNVALIDATED REDIRECTS AND FORWARDS|
Basics On Unvalidated Redirect And Forwards
|Section 15: BUSINESS LOGIC VULNERABILITIES|
What Is Business Logical Issues?
|Section 16: CONCLUSION|
Hello there, I am Atul Shedage, some of you may know me as the core course instructor at Suruji.Com. However, it took me several years of hard work, willingness and sheer sense of self teaching methodologies to found this platform.
With 4 years of experience in internet security, and a series of endorsements and acknowledgements from popular companies, such as, but not limited to:
My intention is to motivate youngsters who have no direction when it comes to choosing online security as a fulltime career. As co-founder an instructor at Suruji.com, I am taking part in imparting knowledge to today’s enthusiasts who would later on become an asset to the World Wide Web community.