Kali Linux Web App Testing
4.4 (52 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
902 students enrolled
Wishlisted Wishlist

Please confirm that you want to add Kali Linux Web App Testing to your Wishlist.

Add to Wishlist

Kali Linux Web App Testing

Leverage the true power of Kali Linux with the help of its tools and take your app security to the next level
4.4 (52 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
902 students enrolled
Created by Packt Publishing
Last updated 9/2015
Current price: $10 Original price: $75 Discount: 87% off
5 hours left at this price!
30-Day Money-Back Guarantee
  • 3 hours on-demand video
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What Will I Learn?
  • Understand what SQL injection is and coupled with SQLMap, how it can infiltrate your system
  • Protect your system against XSS vulnerabilities by using XSSER
  • Safeguard user credentials by figuring out how Bruteforcing works
  • Get to know Remote Command Execution and how it can affect your system
  • Analyze Cross-Site Request Forgery attacks to defend your system against them
  • Inspect open proxies and open redirects to shield your system from them
  • Understand Clickjacking and the best approach to elude it
View Curriculum
  • No matter whether you are familiar to Kali Linux or totally new to it, this course will guide you through all the essential tools to kick-start app testing.

With an ever-changing online environment, security is a constantly growing concern. It's hard for web developers to keep up with new and emerging techniques that attackers may use to hack into a site. In such a scenario, Kali Linux emerges as a powerful package to penetration test your website or application.

Kali Linux Web App Testing will help you prevent different cyber attacks from basic vulnerabilities to ones less spoken of. Firstly, you will be introduced to injection techniques such as SQL injection along with SQLMap. After that, you'll learn what XSS injection is and how to use XSSER against it. Then you'll walk through local and remote file inclusions and ways to counteract them. You'll also learn other cyber invasions such as Remote Command Execution and Cross Site Request Forgery. Furthermore, you'll see what Open Redirects and Open Proxies are and how to tackle them. Finally, you'll learn the concept of Clickjacking and how to avoid it. Towards the end of this course, you'll not only be familiar with various cyber attacks and vulnerabilities, but also know different approaches to deal with them.

The course follows a strict hands-on approach; combined with practical examples, it will help you to understand, how these attacks work and how to combat them effectively.

About the Author

Jack (linkcabin) is a UK-based independent security researcher, who has a huge passion for information security. He loves reverse engineering, finding vulnerabilities in web applications, and creating video content. He is in the Halls of Fame of Netflix, AT&T, and eBay. Jack also catalogues some of his more technical findings on a blog, and various information security professionals read about them. Much of his day is spent e-mailing companies about vulnerabilities that he comes across in their websites. He finds the offensive side of security an interesting area, and is passionate about researching and communicating with various people about the importance of security. He also aims to change the existing public opinion on hackers.

Who is the target audience?
  • If you're a web developer who wants to make their app impenetrable, then this course is perfect for you.
Students Who Viewed This Course Also Viewed
Curriculum For This Course
29 Lectures
Understanding the Basics
3 Lectures 18:26

Talk about different features that Kali Linux has to offer.

Course Overview

Create our work environment to work with Kali Linux.

Taking the First Steps

Understand the basic concepts of Kali Linux.

Using Kali Linux
Security Vulnerabilities – A Website's Worst Case Scenario
6 Lectures 44:02

Understand how to trigger SQL errors to show a possibility of a SQL Injection.

Preview 07:55

Learn about some of sqlmap's command-line arguments.

sqlmap Part 1

Explain the more obscure arguments.

sqlmap Part 2

Learn what the concept of XSS is.

Types of Cross-site Scripting (XSS)

Working with XSSER in GUI.

Working with XSSER

Filtering out injections correctly.

Filtering and Validation
Securing Your Files – No File Is Safe
3 Lectures 15:15

Get familiarized with the concept of LFI and RFI, and know how dangerous they are.

Preview 06:49

Use Fimap to identify LFI and RFI vulnerabilities.


Understand directory traversal and fix RFI/LFI/Directory Traversal.

Directory Traversal
Avoiding Forced Attacks
4 Lectures 28:48

Understand the basics of brute-forcing.

Hash Brute-forcing

Explore the fundamentals of Hashcat.


Discuss the concept of form brute-forcing.

Form Brute-forcing

Discover how powerful Hydra can be.

New Tools in the Arsenal
5 Lectures 31:02

Learn about the various parts of vulnerability scanners.

Preview 08:24

Study the main concept of open redirects and open proxies.

Open Redirects and Open Proxies

Know what remote command execution is.

Remote Command Execution (RCE)

Understand the term "Information Disclosure."

Information Disclosure

How tampering data can be useful in a manual scan of a site.

Tampering Data in Packets
Silent Manipulation with CSRF
3 Lectures 19:54

Understand what CSRF is and what the consequences of having this vulnerability could be.

Preview 04:10

Learn to use testing tools for the proof of concept and examples of CSRF.

CSRF Tester Tool

Learning common defenses against CSRF.

Tokens and the Same-origin Policy
Extra Measures for the Shop
5 Lectures 27:25

Review the features of OWASP ZAP to analyze a site effectively.

Preview 06:32

Learn what two-factor authentication is and how it can be effective.

Two-factor Authentication

Understand how weak passwords can be mitigated and how to possibly defend against phishing.

Weak Passwords and Phishing

Comprehend what clickjacking is and the defenses.


Wrap up the course.

Wrapping Up
About the Instructor
Packt Publishing
3.9 Average rating
8,175 Reviews
58,818 Students
687 Courses
Tech Knowledge in Motion

Packt has been committed to developer learning since 2004. A lot has changed in software since then - but Packt has remained responsive to these changes, continuing to look forward at the trends and tools defining the way we work and live. And how to put them to work.

With an extensive library of content - more than 4000 books and video courses -Packt's mission is to help developers stay relevant in a rapidly changing world. From new web frameworks and programming languages, to cutting edge data analytics, and DevOps, Packt takes software professionals in every field to what's important to them now.

From skills that will help you to develop and future proof your career to immediate solutions to every day tech challenges, Packt is a go-to resource to make you a better, smarter developer.

Packt Udemy courses continue this tradition, bringing you comprehensive yet concise video courses straight from the experts.