Udemy

Learn web application penetration testing from %00

Learn to exploit web application vulnerabilities methodically
Rating: 4.1 out of 5 (16 ratings)
5,071 students
Created by Adriano Gattabuia
Last updated 6/2018
English
English [Auto]
30-Day Money-Back Guarantee

What you'll learn

  • You will be able to perform a web penetration testing engagement from start to finish
  • You will be able to discover and exploit web application vulnerabilities

Requirements

  • A fairly powerful PC to run Kali and the vulnerable virtual machine concurrently: 8 GB of RAM is recommended, and an i5 processor
  • Knowledge of web technologies like SQL, HTML, JavaScript, PHP
  • Knowledge of the HTTP protocol
  • Knowledge of Linux, the bash command line
  • Dedication, patience and persistence

Description

In this ethical hacking course you'll learn how to exploit the vulnerabilities found in web applications and web servers following the OWASP Testing Guide framework, used by companies all over the world to perform web penetration testing engagements.


A vulnerable virtual machine, Web Sec Target Practice, is provided with the course for you to practice the various phases of the penetration testing assessment.

We'll predominantly use the Burp Suite Community edition and open source Kali tools throughout the entire course to test the infrastructure of the web server, brute force authentication forms, tamper with header attributes, perform XSS, SQL, command injections and other injection variants. We'll also develop a buffer overflow exploit step by step.

Who this course is for:

  • Anyone interested in learning web application penetration testing

Course content

8 sections • 23 lectures • 3h 38m total length

  • Preview
    04:41
  • Preview
    10:49

  • Preview
    09:44
  • Fingerprinting and mapping the application architecture
    09:38
  • Test the network/infrastructure configuration
    12:59
  • Stack traces and error codes information leakage
    05:59

  • Identity management testing
    07:48
  • Authentication testing
    15:36
  • Authorization testing
    11:38

  • Bypassing the session management schema, tampering with cookie attributes
    05:50
  • Testing for Session Fixation and Cross Site Request Forgery
    09:54

  • Cross-Site Scripting
    07:41
  • SQL, ORM, XPath, IMAP/SMTP injection
    13:46
  • LDAP, XML, SOAP injection
    11:11
  • Preview
    06:50
  • Testing for HTTP verb tampering, parameter pollution, splitting/smuggling
    10:02
  • Testing for buffer overflows
    20:49

  • Weak SSL/TLS ciphers, weak encryption
    03:19
  • Testing for Padding Oracle
    04:14
  • Testing business logic data validation, testing against application mis-use
    09:24
  • Testing the upload of malicious files
    13:19

  • DOM based XSS, HTML injection, Clickjacking
    09:19

  • Where to go from here
    03:52

Instructor

Adriano Gattabuia
Security engineer, software developer
  • 4.1 Instructor Rating
  • 452 Reviews
  • 11,470 Students
  • 16 Courses

I've been studying for a lifetime and have been working as both a software developer and a penetration tester for the past six years.

I started teaching on Udemy through the Prime Radiant Security project at the start of 2018.

I have devoured tons of video courses and books in my life. I'm here to share an extension of the knowledge born out of real-life problems I have managed to solve in the most efficient way possible.

I believe that theory and practice should be carefully balanced in order to avoid further research to understand specific subjects on one hand and to avoid boredom or frustration on the other.

© 2021 Udemy, Inc.