
Explore the Python and Docker security lab environment, start with Python basics on tablet Linux, access web applications, and review lab resources, people, and files to download.
Explore basic arithmetic in Python: addition, subtraction, multiplication, and division, with round to control decimal places and checking integer values.
Demonstrates Python basics by building a server list, indexing and printing elements, and creating a web dictionary with apache and nginx values, then printing by key and by index.
Explore a Python basics project that uses a flowchart to drive a script, prompting for yes/y or no/n and advancing to a prototype process configuration.
Builds a Python project in a Linux terminal that validates yes or no input using a y_n function, while loops, and conditional logic to ensure correct prompts.
Explore how a network interface card, MAC and IP addresses, NAT, and DNS enable LAN and Internet access through routers, firewalls, and web servers via a client-server model.
Capture http traffic with tcpdump, study the tcp three-way handshake and push/ack flags, observe client–server exchanges on port 80, and note that full http data needs tools like burp suite.
Explore the lamp web development stack—linux, apache, mysql, php (or perl or python)—and learn how client and server exchange http requests, php connects to the database to generate dynamic html.
Explore web technology basics and test vulnerabilities from the OWASP ten, including broken access control, cryptography failures, and injection, using the same topology and lab environment in hands-on demonstrations.
Demonstrates how parameter tampering causes a data breach by editing the web app's address parameters and using wildcards, revealing names, emails, and credit card details.
Demonstrates hidden field manipulation in HTML forms, showing how hidden inputs can carry data like price or session IDs, and how testers use Burp Suite to test parameter tampering.
Explore how the find function retrieves html tags and attributes, returning single or multiple results and extracting attribute values such as method from forms.
Automate web registration by extracting a CSRF token, handling cookies, and posting username and password to the register endpoint; verify sign-in with a Python script using Saul Goodman.
Learn to access files in python with the open function, using write, read, append, and ex modes; store the handle in a variable and use read or write, then close.
Welcome to Python Programming & Cybersecurity - Web Attacks
In this course will be focusing on Python, Web Vulnerabilities and Web Attacks/Hacking.
The approach of this course is to learn Web Technologies, then understand how we apply automation Web Attack automation using Python scripts.
Learn the basics of Python and web vulnerabilities based on OWASP Top 10 ! This course provides you at least 30 python sample scripts design for aspiring Web Application Firewall specialist and Web Application Penetration Testers
The course consist of whiteboarding discussions and lots of hands-on lab demonstrations.
The lab includes Kali Linux which is attackers and couple of target websites that we will hack. One is PHP Hack it Auction Site and Sytx Show Blog/Vlog web site.
This is course also prepares student for F5 303 ASM Specialist Exam. The course requires you to have not just F5 BIG-IP knowledge but also understand the concepts of web technologies, different web vulnerabilities and web attacks
Target Audience
Python Programmers (Aspiring)
Web Application Specialist
F5 ASM/Adv WAF Specialist
Security Engineers
Penetration Testers
Expectations
Will cover basic Python
Will cover basic HTTP
Will cover basic web attacks
You won’t become a professional Hacker
Need to learn many things
Software Technologies
Linux – Kali, Ubuntu
Docker
Python 3.X
Web Applications – HackIT Auction and Styx Show Blog/Vlog site
Sections
Introduction
F5 BIG-IP, Python and Docker Security Lab
Python Programming
Python Basics
Web Technologies Basics
Web Application Vulnerabilities
Python for Web Applications
Web Attacks using Python Scripts
Completion