
Web Application Pentest Assessment (WAPA) is a hands-on course that you will learn how to discover, assess, exploit and remediate a lot of web application vulnerabilities.
WAPA is for beginner-levels only who is passionate about learning and digging more into cyber security specially in web application penetration testing track.
WAPA is Arabic-spoken course carefully designed for beginners with fair Linux background and NO web development background needed.
WAPA is not only for cybersecurity guys but also for IT professionals, computer science students, web developers and techy geeks.
WAPA is hands-on course covers most of OWASP web application Top 10 vulnerabilities with different mitigation recommendations for each discovered vulnerabilities discussed through the course.
WAPA covers the following topics:
Virtualization
Kali Linux
OSI layers
Web infrastructure
Front-end vs. Back-end
HTTP requests and responses
Interception (Burp Suite)
SOP
Cookies & sessions
Session management
Content Management System (CMS)
OWASP
Brute-force and dictionary attacks
Encryption, decryption, hashing, HMAC, encoding, decoding and digital signature
SQL injection (Error-based, blind-based)
XSS attack (Reflected, Stored and DOM-based)
Command injection
Authentication attacks
Authorization attacks
Session management attacks
JWT attacks
Path traversal attack
Local File Inclusion (LFI)
Remote File Inclusion (RFI)
Unrestricted file upload
Penetration testing methodology
CVSS v3 scoring system
Penetration testing reporting
At the end of the course you will be able to conduct real-world web penetration testing engagement and deliver a professional penetration testing report.