Udemy
30-Day Money-Back Guarantee

This course includes:

  • 3.5 hours on-demand video
  • 24 downloadable resources
  • Full lifetime access
  • Access on mobile and TV

Kali Linux Web App Pentesting Labs

Learn how to hack web applications with a real cybersecurity professional!
Rating: 4.3 out of 5 (378 ratings)
4,007 students
Created by Jesse Kurrus, M.S., OSCP, CEH, Security+, Linux+, Network+, CISSP
Last updated 4/2020
English
English [Auto]

What you'll learn

  • Build your own penetration testing lab environment
  • Discover vulnerabilities in web applications automatically and manually
  • Escalate privileges within Linux
  • Local and remote buffer overflow
  • SQL Injection
  • Cross Site Scripting
  • Exploitation of various web-based vulnerabilities
Curated for the Udemy for Business collection

Requirements

  • Basic networking experience
  • Familiarity with Windows and Linux
  • Kali Linux
  • Beebox
  • SQLi Labs
  • OWASP Juice Shop
  • WebGoat
  • VirtualBox (preferred) or VMware

Description

Welcome to my Kali Linux Web App Pentesting Labs course!  This course will be 100% hands-on, focusing specifically on exploitation of vulnerable web applications. We’ll be building a lab environment consisting of Kali Linux, and several intentionally vulnerable web applications including Beebox, SQL injection labs, OWASP Juice Shop, and WebGoat.

Through the duration of this course, we’ll be focusing upon the most prevalent web application vulnerabilities and how to exploit them. As a framework for our learning approach, we’ll be using the most recent version of the OWASP Top 10 at the time of this recording, which is the 2017 edition. OWASP is an organization which focuses upon improving the security of web applications and is a fundamental and necessary component to learn for aspiring pentesters. We'll be covering OWASP 1-9, because 10 does not apply specifically to pentesting, and is focused on the defensive side. Additionally, we'll be covering each of these in great detail over this course.

The primary topics within this course are both manual and automated methods of detection and exploitation of web application vulnerabilities. You'll be getting hands-on exposure to industry standard tools such as Burp Suite, Nmap, Nikto, Sqlmap, and many more. From what I've seen over the years in cybersecurity academia, including certifications, hands-on skills are highly lacking, save for the offensive security certs. This is because the majority of courses I've seen only teach theory, and have students prove their competency through writing and answering multiple choice questions. This does not prepare one for the real world, especially for pentesting where technical skills are paramount. This course aims to bridge that gap.

The beginning of this course will consist of downloading, installing, and configuring the components necessary for comprehensive hands-on web application penetration testing in a lab environment. Please get ready to hit the ground running and follow along with these labs, as we’ll be getting started right away in the subsequent lecture.

I really look forward to working with all of you. If you have any questions during any of the labs, please feel free to reach out to me directly with the messaging system or Q&A section.

Who this course is for:

  • OSCP candidates
  • CEH candidates
  • Penetration testers
  • Cybersecurity professionals
  • Cybersecurity/IT students
  • Pentest+ candidates

Featured review

Daniel Patton
34 courses
4 reviews
Rating: 5.0 out of 5, a year ago
This course was great and dove right into the material I was looking for. The instructor was clear, revisited concepts where necessary and demonstrated how each of the tools interact with one another.

Course content

2 sections • 25 lectures • 3h 38m total length

  • Preview 02:48

  • Bonus Lab - Kali Linux 2020
    02:58
  • Preview 05:33
  • SQLi Labs Setup
    Preview 07:42
  • WebGoat 8 Setup
    02:44
  • OWASP Juice Shop Setup
    02:43
  • bWAPP / bee-box Setup
    04:28
  • Preview 09:59
  • Preview 09:34
  • OWASP A1 Injection Labs Pt 3
    15:41
  • OWASP A1 Injection Labs Pt 4
    15:56
  • OWASP A1 Injection Labs Pt 5
    11:05
  • OWASP A2 Broken Authentication and Session Mgmt
    12:17
  • OWASP A3 Sensitive Data Exposure
    09:49
  • OWASP A4 XML External Entities (XXE)
    06:32
  • OWASP A5 Broken Access Control IDOR and Missing Function Pt 1
    15:22
  • OWASP A5 Broken Access Control IDOR and Missing Function Pt 2
    05:13
  • OWASP A6 Security Misconfiguration Pt 1
    11:42
  • OWASP A6 Security Misconfiguration Pt 2
    08:35
  • OWASP A7 Cross Site Scripting (XSS) Pt 1
    13:13
  • OWASP A7 Cross Site Scripting (XSS) Pt 2
    09:57
  • OWASP A7 Cross Site Scripting (XSS) Pt 3
    04:45
  • OWASP A8 Insecure Deserialization
    07:56
  • OWASP Juice Shop Pentesting Exercise
    09:54
  • OWASP A9 Using Components with Known Vulnerabilities Pt 1
    11:38

Instructor

Jesse Kurrus, M.S., OSCP, CEH, Security+, Linux+, Network+, CISSP
Senior Penetration Tester and Technical Trainer
  • 4.4 Instructor Rating
  • 3,577 Reviews
  • 39,531 Students
  • 7 Courses

Summary: Jesse Kurrus is a cybersecurity expert with a breadth and depth of knowledge, professional experience, and top of the line credentials directly related to his field of expertise. He has provided quality training for thousands of students online, has mentored them one-on-one, and has coached many to acquire jobs in the cyber field. Professional strengths include security analysis, intrusion detection, ethical hacking, penetration testing, training, and technical writing. Jesse has a true passion for cybersecurity and information technology, and an insatiable ambition to further his knowledge and professional skill set. 

Specialties: Intrusion Detection / Network Security Monitoring (Security Onion, Snort, Bro, and Suricata); SIEM Technology (Elasticsearch, Logstash, Kibana (ELK), ArcSight, and Splunk); PCAP analysis (Tcpdump, Wireshark, NetworkMiner, NetWitness/Security Analytics); Penetration Testing (Kali Linux, BurpSuite, Nikto, Nmap, Metasploit, etc.)

Current Degrees/Certifications:  M.S. in Information Technology with Information Assurance Specialization / B.S. in Computer Networks and Security / Network+, A+, Security+, Linux+, Certified Ethical Hacker v8 (CEH), Offensive Security Certified Professional (OSCP), Certified Information Systems Security Professional (CISSP), eLearnSecurity Web application Penetration Tester (eWPT)

© 2021 Udemy, Inc.