Udemy
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
Development
Web Development Data Science Mobile Development Programming Languages Game Development Database Design & Development Software Testing Software Engineering Development Tools No-Code Development
Business
Entrepreneurship Communications Management Sales Business Strategy Operations Project Management Business Law Business Analytics & Intelligence Human Resources Industry E-Commerce Media Real Estate Other Business
Finance & Accounting
Accounting & Bookkeeping Compliance Cryptocurrency & Blockchain Economics Finance Finance Cert & Exam Prep Financial Modeling & Analysis Investing & Trading Money Management Tools Taxes Other Finance & Accounting
IT & Software
IT Certification Network & Security Hardware Operating Systems Other IT & Software
Office Productivity
Microsoft Apple Google SAP Oracle Other Office Productivity
Personal Development
Personal Transformation Personal Productivity Leadership Career Development Parenting & Relationships Happiness Esoteric Practices Religion & Spirituality Personal Brand Building Creativity Influence Self Esteem & Confidence Stress Management Memory & Study Skills Motivation Other Personal Development
Design
Web Design Graphic Design & Illustration Design Tools User Experience Design Game Design Design Thinking 3D & Animation Fashion Design Architectural Design Interior Design Other Design
Marketing
Digital Marketing Search Engine Optimization Social Media Marketing Branding Marketing Fundamentals Marketing Analytics & Automation Public Relations Advertising Video & Mobile Marketing Content Marketing Growth Hacking Affiliate Marketing Product Marketing Other Marketing
Lifestyle
Arts & Crafts Beauty & Makeup Esoteric Practices Food & Beverage Gaming Home Improvement Pet Care & Training Travel Other Lifestyle
Photography & Video
Digital Photography Photography Portrait Photography Photography Tools Commercial Photography Video Design Other Photography & Video
Health & Fitness
Fitness General Health Sports Nutrition Yoga Mental Health Dieting Self Defense Safety & First Aid Dance Meditation Other Health & Fitness
Music
Instruments Music Production Music Fundamentals Vocal Music Techniques Music Software Other Music
Teaching & Academics
Engineering Humanities Math Science Online Education Social Science Language Teacher Training Test Prep Other Teaching & Academics
AWS Certification Microsoft Certification AWS Certified Solutions Architect - Associate AWS Certified Cloud Practitioner CompTIA A+ Cisco CCNA Amazon AWS CompTIA Security+ AWS Certified Developer - Associate
Graphic Design Photoshop Adobe Illustrator Drawing Digital Painting InDesign Character Design Canva Figure Drawing
Life Coach Training Neuro-Linguistic Programming Personal Development Mindfulness Meditation Personal Transformation Life Purpose Emotional Intelligence Neuroscience
Web Development JavaScript React CSS Angular PHP WordPress Node.Js Python
Google Flutter Android Development iOS Development Swift React Native Dart Programming Language Mobile Development Kotlin SwiftUI
Digital Marketing Google Ads (Adwords) Social Media Marketing Google Ads (AdWords) Certification Marketing Strategy Internet Marketing YouTube Marketing Email Marketing Google Analytics
SQL Microsoft Power BI Tableau Business Analysis Business Intelligence MySQL Data Analysis Data Modeling Big Data
Business Fundamentals Entrepreneurship Fundamentals Business Strategy Online Business Business Plan Startup Freelancing Blogging Home Business
Unity Game Development Fundamentals Unreal Engine C# 3D Game Development C++ 2D Game Development Unreal Engine Blueprints Blender
30-Day Money-Back Guarantee
IT & Software Other IT & Software OWASP

OWASP Top 10 2017: Exploit and Mitigation

Web Application Pentesting and Mitigations
Rating: 4.4 out of 54.4 (35 ratings)
8,966 students
Created by Nayan Das
Last updated 6/2020
English
30-Day Money-Back Guarantee

What you'll learn

  • Web Application Pentesting
  • Completing 20 exercise of Mutillidae Vulnerable Web Application
  • OWASP top 10 2017
  • Mitigations for each vulnerability
  • Secure code for mitigation

Requirements

  • This course is for beginners
  • Basic knowledge of OWASP top 10
  • Basics of using Burp Suite and Proxy
  • Burpsuite and Browser Setup

Description

We will be looking at the OWASP Top 10 web attacks 2017. Students are going to understand each attack by practicing them on their own with the help of this course. We will use Mutillidae 2 Vulnerable Web Application for all attack practice. We will start from setting up the lab to exploiting each vulnerability.

This course not just focuses on attacks but also helps understanding the mitigations for each vulnerability.

Students will understand the mitigations through Secure Source Codes and Best Practices provided in this course that should be followed by the developers to protect their web application from these vulnerabilities.

Who this course is for:

  • Beginner ethical hacking students
  • Students who want to learn Web Application Pentesting
  • Students who want to perform exercises on Mutillidae Vulnerable Application
  • Students who want to learn about the Mitigations of each vulnerability in OWASP top 10 2017

Course content

4 sections • 32 lectures • 1h 38m total length

  • Preview01:24

  • Lab Setup
    05:53

  • Union Based Injection
    08:32
  • Command Injection
    02:00
  • Authentication Bypass
    01:20
  • Injection Using Sqlmap
    03:33
  • Login Bruteforce
    02:47
  • User Enumeration
    02:34
  • Sensitive Data Exposure
    01:12
  • "Secret" Administrative Page
    03:25
  • XML External Entities
    02:25
  • Local File Inclusion
    00:33
  • Text File Viewer
    01:42
  • Missing Function Level Access Control
    01:00
  • Privilege Escalation
    02:18
  • Directory Browsing
    01:21
  • Reflected XSS
    03:04
  • Stored XSS
    01:41
  • DOM Based XSS
    02:03
  • Insecure Deserialization
    01:48
  • Using Components with Known Vulnerabilities
    01:25
  • Insufficient Logging and Monitoring
    01:39

  • A1
    03:36
  • A2
    04:33
  • A3
    05:26
  • A4
    04:51
  • A5
    05:57
  • A6
    05:33
  • A7
    04:15
  • A8
    03:42
  • A9
    02:42
  • A10
    04:17

Instructor

Nayan Das
Instructor at Udemy
Nayan Das
  • 4.1 Instructor Rating
  • 240 Reviews
  • 30,268 Students
  • 2 Courses

Hi Students!

I work as a Security Researcher and have completed my post-graduation in the field of Cybersecurity and Law. While having my education I believed that sharing my knowledge with other students was really very important to help them achieve the required basics and hence I have started designing short and effective courses covering different areas of cybersecurity, starting from Web Application Security and Android Penetration Testing courses. Till now these courses have received a great attraction and were successfully enrolled by 30k plus students and cybersecurity enthusiasts from more than 160 countries around the world.


As of my achievements I have published two research papers on Exploitdb and a few acknowledgments for finding bugs on web applications. I will keep adding such easy and short courses on Udemy and help new students to have access to the basic practical knowledge required in this field.

  • Udemy for Business
  • Teach on Udemy
  • Get the app
  • About us
  • Contact us
  • Careers
  • Blog
  • Help and Support
  • Affiliate
  • Terms
  • Privacy policy
  • Cookie settings
  • Sitemap
  • Featured courses
Udemy
© 2021 Udemy, Inc.