Kali Linux Web App Testing

Leverage the true power of Kali Linux with the help of its tools and take your app security to the next level
4.6 (26 ratings)
552 students enrolled
$75
  • Lectures: 29
  • Contents: Video, 3 hours
  • Skill Level: All Levels
  • Languages: English
  • Includes: Lifetime access; 30 day money back guarantee; available on iOS and Android; Certificate of Completion

About This Course

Published 6/2015 English

Course Description

With an ever-changing online environment, security is a constantly growing concern. It's hard for web developers to keep up with new and emerging techniques that attackers may use to hack into a site. In such a scenario, Kali Linux emerges as a powerful package to penetration test your website or application.

Kali Linux Web App Testing will help you prevent different cyber attacks from basic vulnerabilities to ones less spoken of. Firstly, you will be introduced to injection techniques such as SQL injection along with SQLMap. After that, you'll learn what XSS injection is and how to use XSSER against it. Then you'll walk through local and remote file inclusions and ways to counteract them. You'll also learn other cyber invasions such as Remote Command Execution and Cross Site Request Forgery. Furthermore, you'll see what Open Redirects and Open Proxies are and how to tackle them. Finally, you'll learn the concept of Clickjacking and how to avoid it. Towards the end of this course, you'll not only be familiar with various cyber attacks and vulnerabilities, but also know different approaches to deal with them.

The course follows a strict hands-on approach; combined with practical examples, it will help you understand how these attacks work and how to combat them effectively.

About the Author

Jack (linkcabin) is a UK-based independent security researcher, who has a huge passion for information security. He loves reverse engineering, finding vulnerabilities in web applications, and creating video content. He is in the Halls of Fame of Netflix, AT&T, and eBay. Jack also catalogues some of his more technical findings on a blog, and various information security professionals read about them. Much of his day is spent e-mailing companies about vulnerabilities that he comes across in their websites. He finds the offensive side of security an interesting area, and is passionate about researching and communicating with various people about the importance of security. He also aims to change the existing public opinion on hackers.

What are the requirements?

  • Whether you are familiar with Kali Linux or totally new to it, this course will guide you through all the essential tools to kick-start app testing.

What am I going to get from this course?

  • Understand what SQL injection is and how, coupled with SQLMap, it can infiltrate your system
  • Protect your system against XSS vulnerabilities by using XSSER
  • Safeguard user credentials by figuring out how Bruteforcing works
  • Get to know Remote Command Execution and how it can affect your system
  • Analyze Cross-Site Request Forgery attacks to defend your system against them
  • Inspect open proxies and open redirects to shield your system from them
  • Understand Clickjacking and the best approach to elude it

What is the target audience?

  • If you're a web developer who wants to make their app impenetrable, then this course is perfect for you.

Curriculum

Section 1: Understanding the Basics
04:15

Talk about different features that Kali Linux has to offer.

08:50

Create our work environment to work with Kali Linux.

05:21

Understand the basic concepts of Kali Linux.

Section 2: Security Vulnerabilities – A Website's Worst Case Scenario
07:55

Understand how to trigger SQL errors to show a possibility of a SQL Injection.

07:56

Learn about some of sqlmap's command-line arguments.

09:10

Explain the more obscure arguments.

04:21

Learn what the concept of XSS is.

06:50

Working with XSSER in GUI.

07:50

Filtering out injections correctly.

Section 3: Securing Your Files – No File Is Safe
06:49

Get familiarized with the concept of LFI and RFI, and know how dangerous they are.

04:17

Use Fimap to identify LFI and RFI vulnerabilities.

04:09

Understand directory traversal and fix RFI/LFI/Directory Traversal.

Section 4: Avoiding Forced Attacks
04:25

Understand the basics of brute-forcing.

09:29

Explore the fundamentals of Hashcat.

07:30

Discuss the concept of form brute-forcing.

07:24

Discover how powerful Hydra can be.

Section 5: New Tools in the Arsenal
08:24

Learn about the various parts of vulnerability scanners.

06:06

Study the main concept of open redirects and open proxies.

06:24

Know what remote command execution is.

05:26

Understand the term "Information Disclosure."

04:42

How tampering data can be useful in a manual scan of a site.

Section 6: Silent Manipulation with CSRF
04:10

Understand what CSRF is and what the consequences of having this vulnerability could be.

08:33

Learn to use testing tools for the proof of concept and examples of CSRF.

07:11

Learning common defenses against CSRF.

Section 7: Extra Measures for the Shop
06:32

Review the features of OWASP ZAP to analyze a site effectively.

03:57

Learn what two-factor authentication is and how it can be effective.

05:47

Understand how weak passwords can be mitigated and how to possibly defend against phishing.

06:26

Comprehend what clickjacking is and how to defend against it.

04:43

Wrap up the course.

Instructor Biography

Packt Publishing, Tech Knowledge in Motion

Over the past ten years Packt Publishing has developed an extensive catalogue of over 2000 books, e-books and video courses aimed at keeping IT professionals ahead of the technology curve. From new takes on established technologies through to the latest guides on emerging platforms, topics and trends – Packt's focus has always been on giving our customers the working knowledge they need to get the job done. Our Udemy courses continue this tradition, bringing you comprehensive yet concise video courses straight from the experts.
