Kali Linux Web App Testing

Leverage the true power of Kali Linux with the help of its tools and take your app security to the next level
4.0 (42 ratings)
842 students enrolled
Last updated 6/2015
English
Includes:
  • 3 hours on-demand video
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What Will I Learn?
Understand what SQL injection is and, coupled with SQLMap, how it can infiltrate your system
Protect your system against XSS vulnerabilities by using XSSER
Safeguard user credentials by figuring out how Bruteforcing works
Get to know Remote Command Execution and how it can affect your system
Analyze Cross-Site Request Forgery attacks to defend your system against them
Inspect open proxies and open redirects to shield your system from them
Understand Clickjacking and the best approach to elude it
Requirements
  • Whether you are familiar with Kali Linux or totally new to it, this course will guide you through all the essential tools to kick-start app testing.
Description

With an ever-changing online environment, security is a constantly growing concern. It's hard for web developers to keep up with new and emerging techniques that attackers may use to hack into a site. In such a scenario, Kali Linux emerges as a powerful package to penetration test your website or application.

Kali Linux Web App Testing will help you prevent different cyber attacks from basic vulnerabilities to ones less spoken of. Firstly, you will be introduced to injection techniques such as SQL injection along with SQLMap. After that, you'll learn what XSS injection is and how to use XSSER against it. Then you'll walk through local and remote file inclusions and ways to counteract them. You'll also learn other cyber invasions such as Remote Command Execution and Cross Site Request Forgery. Furthermore, you'll see what Open Redirects and Open Proxies are and how to tackle them. Finally, you'll learn the concept of Clickjacking and how to avoid it. Towards the end of this course, you'll not only be familiar with various cyber attacks and vulnerabilities, but also know different approaches to deal with them.

The course follows a strict hands-on approach; combined with practical examples, it will help you understand how these attacks work and how to combat them effectively.

About the Author

Jack (linkcabin) is a UK-based independent security researcher, who has a huge passion for information security. He loves reverse engineering, finding vulnerabilities in web applications, and creating video content. He is in the Halls of Fame of Netflix, AT&T, and eBay. Jack also catalogues some of his more technical findings on a blog, and various information security professionals read about them. Much of his day is spent e-mailing companies about vulnerabilities that he comes across in their websites. He finds the offensive side of security an interesting area, and is passionate about researching and communicating with various people about the importance of security. He also aims to change the existing public opinion on hackers.

Who is the target audience?
  • If you're a web developer who wants to make their app impenetrable, then this course is perfect for you.
Curriculum For This Course
29 Lectures 03:04:52
Understanding the Basics
3 Lectures 18:26

Talk about different features that Kali Linux has to offer.

Course Overview
04:15

Create our work environment to work with Kali Linux.

Taking the First Steps
08:50

Understand the basic concepts of Kali Linux.

Using Kali Linux
05:21
Security Vulnerabilities – A Website's Worst Case Scenario
6 Lectures 44:02

Understand how to trigger SQL errors to show a possibility of a SQL Injection.

Preview 07:55

Learn about some of sqlmap's command-line arguments.

sqlmap Part 1
07:56

Explain the more obscure arguments.

sqlmap Part 2
09:10

Learn what the concept of XSS is.

Types of Cross-site Scripting (XSS)
04:21

Working with XSSER in GUI.

Working with XSSER
06:50

Filtering out injections correctly.

Filtering and Validation
07:50
Securing Your Files – No File Is Safe
3 Lectures 15:15

Get familiarized with the concept of LFI and RFI, and know how dangerous they are.

Preview 06:49

Use Fimap to identify LFI and RFI vulnerabilities.

Fimap
04:17

Understand directory traversal and fix RFI/LFI/Directory Traversal.

Directory Traversal
04:09
Avoiding Forced Attacks
4 Lectures 28:48

Understand the basics of brute-forcing.

Hash Brute-forcing
04:25

Explore the fundamentals of Hashcat.

Hashcat
09:29

Discuss the concept of form brute-forcing.

Form Brute-forcing
07:30

Discover how powerful Hydra can be.

Hydra
07:24
New Tools in the Arsenal
5 Lectures 31:02

Learn about the various parts of vulnerability scanners.

Preview 08:24

Study the main concept of open redirects and open proxies.

Open Redirects and Open Proxies
06:06

Know what remote command execution is.

Remote Command Execution (RCE)
06:24

Understand the term "Information Disclosure."

Information Disclosure
05:26

See how tampering with data can be useful in a manual scan of a site.

Tampering Data in Packets
04:42
Silent Manipulation with CSRF
3 Lectures 19:54

Understand what CSRF is and what the consequences of having this vulnerability could be.

Preview 04:10

Learn to use testing tools for the proof of concept and examples of CSRF.

CSRF Tester Tool
08:33

Learning common defenses against CSRF.

Tokens and the Same-origin Policy
07:11
Extra Measures for the Shop
5 Lectures 27:25

Review the features of OWASP ZAP to analyze a site effectively.

Preview 06:32

Learn what two-factor authentication is and how it can be effective.

Two-factor Authentication
03:57

Understand how weak passwords can be mitigated and how to possibly defend against phishing.

Weak Passwords and Phishing
05:47

Comprehend what clickjacking is and the defenses against it.

Clickjacking
06:26

Wrap up the course.

Wrapping Up
04:43
About the Instructor
4.0 Average rating
3,624 Reviews
29,772 Students
311 Courses
Tech Knowledge in Motion

Packt has been committed to developer learning since 2004. A lot has changed in software since then - but Packt has remained responsive to these changes, continuing to look forward at the trends and tools defining the way we work and live. And how to put them to work.

With an extensive library of content - more than 4000 books and video courses - Packt's mission is to help developers stay relevant in a rapidly changing world. From new web frameworks and programming languages, to cutting-edge data analytics, and DevOps, Packt takes software professionals in every field to what's important to them now.

From skills that will help you to develop and future-proof your career to immediate solutions to everyday tech challenges, Packt is a go-to resource to make you a better, smarter developer.

Packt Udemy courses continue this tradition, bringing you comprehensive yet concise video courses straight from the experts.
