Web Application Penetration Testing
What you'll learn
- Learn the proper Penetration Testing process for Website Application
- Learn the difference between active and passive reconnaissance and how to leverage sites and tools to build a technical understanding of the target’s assets.
- Learn how to properly identify vulnerabilities
- Learn how to exploit vulnerabilities manually (via TryHackMe)
- Learn the basic components to write a professional penetration testing report for web application
- Patience and desire to learn
- A computing environment with at least 8GB of RAM and 20GB of disk space
- Latest VMware Player, VMware Workstation, or VMware Fusion installed. Other virtualization software such as Parallels or VirtualBox will probably work if the attendee is familiar with its functionality. However, VMware is most recommended.
- Comfort in the command line of Linux
- Basic IT knowledge
- Familiarity with programming concepts is recommended but not required
The Web App Penetration Testing course is an online and self-paced technical training course that provides all the basic skills necessary to carry out a thorough and professional penetration test against website applications.
This technical training course was designed for those having no experience in testing the security of a website application, but wanting to learn how to start and properly execute the website application penetration testing so that they can use it for their organization to effectively protect their assets against cyber attacks or for individuals who would like to kick-off their career in information security.
This technical training course will help students move beyond the push-button scanning to professional, thorough, and high-value web application penetration testing. This will also enable students to assess the website application's security posture and convincingly demonstrate the business impact should attackers exploit the discovered security vulnerability.
This technical training course will be updated from time to time based on the tactics, techniques and procedures of each security vulnerability. So purchasing this course gets you a lifetime access to all updates.
Note that this technical training course is meant for education purpose only. Any actions and/or activities related to the material contained within this course is solely your responsibility. The instructor will not be held responsible in the event any criminal charges be brought against any individuals misusing the information used in this course to break the law.
Who this course is for:
- Individuals who are interested in pursuing a career in Offensive Security
- Government and Private employees who would like to protect their website applications
- Security professionals who would like to transition from other areas of Cybersecurity to Offensive Security
AJ Dumanhug is the co-founder and infosec lead at Secuna, a Philippine-based cybersecurity firm that offers penetration testing services mainly to startups.
He has had the pleasure to mentor cybersecurity startups through Ideaspace Philippines, a well-known incubator and accelerator program that supports technology entrepreneurs in the Philippines.
He has five (5) years experience in teaching for college students and working professionals. He has created and facilitated technical trainings in University of the Philippines SITF, Adamson University CPDD, and De La Salle - College of St. Benilde SPaCE.
He is part of hackstreetboys, a professional Capture the Flag group, where they placed 3rd in the DEFCON 29 Red Team Village CTF against 650 teams world wide.
He has experience working with various companies through bug bounties. In 2019, he was invited by Facebook and Google in Singapore to compete in a private and invitation-only live hacking program where he placed 7th after discovering and reporting multiple bugs to Facebook and was rewarded best written report.
He has also earned several infosec certifications including the CEH, ECSA, CRTP, CRTE, PNPT, OSCP, OSWE, eCDFP, eCTHPv2, and eCIR.