Udemy
    •  
    •  
    •  
    •  
    •  
    •  
    •  
    •  
Turn what you know into an opportunity and reach millions around the world.
Learn More
Your cart is empty.
Keep shopping
Be a Web Application Penetration Tester from Scratch
Rating: 3.8 out of 5(54 ratings)
692 students

Be a Web Application Penetration Tester from Scratch

A perfect balance in theory and practical to earn 2000$ bug bounty programs as a Penetration Tester
Last updated 4/2015
English

What you'll learn

  • Perform a penetration test over web applications
  • Every insights of pentesting as an Industry Standards
  • Write a formal pentesting report
  • Earn by hunting Bugs in Web applications
  • Helpful in students pursuing Master or Ph. D Degree in Information Security

Course content

9 sections57 lectures5h 16m total length
  • What is Pentesting and Web Pentesting.6:43

    Pentesting is the method of finding bugs and vulnerabilities in any web based application. There are many types of pentesting and in this course we will take a look for web application pentesting. Although there are many types of pentesting but lets focus on web app pentesting in this course.

  • Common terminologies in Penetration Testing5:19

    To learn any new topic, the first barrier is new terms. Once we are comfortable with new terminologies then we can understand the further course much better. Terms like vulnerabilities, exploitation are crucial in order to understand web application pentesting.

  • Box Based testing: Black Box, White Box and Grey Box3:21

    According to book guidance, pentesting is divided in various level on the amount of knowledge. Black box is considered as no prior knowledge level testing. In White box testing, pentester have great amount of knowledge from inside of the company team.

  • Fundamentals of Attacking for Vulnerability Assessment.8:20

    There are few fundamental rules while doing pentesting. What is your target, what kind of information that you need to grab for a client. Ask the client for the tools that are not allowed. Having this list will help to generate a nice report for the client.

  • Tools of Trade for Pentester5:17

    Every pentester needs some tools under his belt. Most of the experienced pentester like to have custom designed or self designed automation tools. But there are few trusted and heavily used tools too. An ideal pentester should be atleast aware of all such tools

  • Steps to conduct Penetration testing7:06

    Just visiting the website and start hunting for XSS and sql injection is not a professional way to handle pentesting for clients. Don't ever do that. There are few definite steps that you need to follow. This video will help you to understand the importance of those steps.

  • OWASP top 10 vulnerability and guidelines8:13

    OWASP aka Open Web Application Security Project is an initiative to make sure that all developers follow a guideline to secure their application. OWASP has also mentioned some major vulnerabilities or can be said as common mistakes, due to which most of the application are compromised.

  • What we did so far: Summary1:23

    This movie will talk about, what we have done so far in the course. It will help you to make sure that we all are on same page.

Requirements

  • No Coding required
  • basic knowledge of Website related Ternimologies
  • Kali Linux (available for free)
  • Virtual Player / Virtual Box

Description

Do you know that web application pentesters are earning 100's of dollars by submitting bugs to various reputed websites. Now there is a legal way by which you can report bugs and vulnerability to websites and in return you can get reward money.

What is this course about?

This is an ideal course to learn penetration testing from scratch. This course requires no coding skills yet you will be able to perform and create great reports on pentesting for clients. Pentesting is second highest paid job with lots of empty space according to Forbes.

Everyone is learning to create, someone has to take the responsibility to secure that creation.

Penetration testing is a step by step procedure to test an application for various security flaws. These flaws can compromise a website at various levels like database leak, client information leak or may involve monetary leak too.

A lot of new pentester learn a few slings to hack the application but approaching client in a formal way, doing a procedural pentest and documenting a report is a different game. In this course you will learn about all types of vulnerabilities, exploitation of web application, impact of flaws and finally we will cover the steps to write a report.

Traditional companies rely on Firewalls and network security. Attack vectors based on web application will not trigger alarm for it. Specially the new application that are based on CMS like wordpress are getting hacked often. A whole lot ground is covered in this course.

Updates in this course.

You might notice a few small topics being missed out. Web security is a big monster, that is why we have decided to roll out the course and in the mean while we will be updating the course on monthly basis. There will be no charge for extra lecture added but course prize may increase at latter stage.

No coding experience, No Prior Knowledge; Just start your journey as WEB APPLICATION PENTESTER.

Who this course is for:

  • Information Security Researchers
  • Web Developers
  • Start ups
  • Students
  • Security auditors
  • Bug hunter