Web Security Testing for Beginners-QA knowledge 2 next level

This course will take your skill set to next level as a Penetration Tester with Web security Knowledge
3.9 (82 ratings) Instead of using a simple lifetime average, Udemy calculates a
course's star rating by considering a number of different factors
such as the number of ratings, the age of ratings, and the
likelihood of fraudulent ratings.
1,036 students enrolled
$19
$100
81% off
Take This Course
  • Lectures 47
  • Length 6 hours
  • Skill Level All Levels
  • Languages English
  • Includes Lifetime access
    30 day money back guarantee!
    Available on iOS and Android
    Certificate of Completion
Wishlisted Wishlist

How taking a course works

Discover

Find online courses made by experts from around the world.

Learn

Take your courses with you and learn anywhere, anytime.

Master

Learn and practice real-world skills and achieve your goals.

About This Course

Published 8/2015 English

Course Description

Course Launch Date : Aug 30th 2015 -
**********Its Time to Protect our Websites from Security Attacks *************************

This Tutorial will give all the weapons you needed to investigate and unlock the Security Holes in the Web application

Course lectures are conceptually driven with root level explanations and bring you to the level where you can bring out the security bugs

Course Contents: Basics of Security Testing Terminologies involved in Security Domain Top OWASP principles Cross site Scrpiting Xss examples Cookies Importance Danger with stealing of cookies Session Hijacking Cross site forgery Attacks Parameter Tampering Methods to Intercept requests Account Management Password security guidelines Brute force mechanism Importance of Client side validations

On course completion You will be Mastered in Web Security Testing and can implement Successfully it in your work place or will surely land on High Paying Job

What are the requirements?

  • Nothing. All Prerequisites , Introductory Terminologies are taken care as part of the course

What am I going to get from this course?

  • You will be able to detect Cross site XSS scripting Vulnerability attack areas in website
  • You can investigate applciation behaviour with Parameter Tampering
  • You will understand the Importance of Cookies and their confidential data use
  • You will get the knowledge of all basics with Http that might cause attacking malicious inputs
  • You can test application against Session Hijacking Mechanisim
  • Detect Request forgery Designs if present any in Web applciations
  • Safety tips for Account Management and Brute force attacks

What is the target audience?

  • Any IT Professional can take this course to understand the Importance of Security for Web sites

What you get with this course?

Not for you? No problem.
30 day money back guarantee.

Forever yours.
Lifetime access.

Learn on the go.
Desktop, iOS and Android.

Get rewarded.
Certificate of completion.

Curriculum

Section 1: Introduction to course
Why security Testing gaining Importance day by day!
Preview
09:26
What we are going to learn from this course?
Preview
05:09
Section 2: Security Testing Basic Terminologies
What is Http and Https?
Preview
09:58
How can we avoid Man in middle attacks?
Preview
06:52
Http Methods overview in talking to servers
09:29
Fiddler Demo- Monitoring Network traffic
03:19
Understanding Fiddler to intercept requests
07:31
Material for Reference
Article
Section 3: XSS - Cross Site Scripting Vulnerability Testing
What is XSS? How it can damage Web sites
Preview
09:49
Detecting XSS Vulnerability for Websites - 1
08:14
Detecting XSS Vulnerability for Websites - 2
06:15
ByPassing Client Validation to perform XSS
09:09
Encoding all the inputs to avoid Attacks
10:03
Types of Attack - Reflected XSS
08:30
Types of Attack - Persisistence XSS
09:59
How to handle cross site scripting in IE browser
10:22
Material for reference
Article
Section 4: Importance of Cookies and their role in Security
What are cookies and where are they stored
08:48
Session cookie sensitive data Threats
09:43
How can we stop Cookies hijacking
07:41
Methods to Prevent cookie steal -Secure Attribute
13:56
Preventing cookies steal -Http Attribute flag
11:44
Domain and path attribute to restrict cookies
11:53
Setting Timeperiod for Sessions- Security Safety Tip
06:01
Material for reference
Article
Section 5: SQL Injection
What is SQL Injecting
07:32
How to identify SQL loop holes in web application
13:19
Exposing Security loop holes with malcious SQL syntax
09:20
List of urls Pattern which can cause attack with SQL
07:34
Material for reference
Article
Automation tool for SQL Injections
06:26
Section 6: Session Hijacking and Cross Site Forgery Attacks
What is CSRF? How can it cause threat
11:50
Session Hijacking with illegal requests
10:23
Avoid Cross SIte forgeries with Token Mechanisim
08:47
Checklist for Pen Testers to check CSRF Attacks
08:42
Material for reference
Article
Section 7: Parameter Tampering to steal sensitive data
What is Parameter Tampering?
09:49
Different sources to intercept requests
05:35
Importance of having Server side Validations
06:00
Intercepting requests with fiddler tool
06:49
Material for reference
Article
Section 8: Account Security
Steps to be taken for Password setting
08:46
List of Hacking Passwords and Precautions which need to be taken
05:57
Sources of Attacking Passwords
08:06
Best Practices to be followed in securing Account
09:20
Bruteforce attack handler Mechanism
12:35
Material for reference
Article

Students Who Viewed This Course Also Viewed

  • Loading
  • Loading
  • Loading

Instructor Biography

Rahul Shetty, The "Testing school" to boost your career

Nothing is Impossible . It all depends on how you are Trained on it!

Teaching is our Passion. And its our Profession. The only Business We know is Spreading the Knowledge

So Our Testing school is here at Udemy to share all our 10 Years IT Experience Knowledge to QA Colleagues and Students

As an Director , Coming to my Teaching Profile I  have had Trained over 21000+ students in the below Technologies

**********************************************************************************************************

Selenium -Web Automation in Java and Python Soap UI - Webservices/ REST API Testing Appium - Mobile Automation in Android and IOS Jmeter - Performance Testing Software Testing Process Security Testing Automation Framework Building

********************************************************************************************************* Worked with various CMM level orgranizations. Managed in setting up of QA Process for the projects

Ready to start learning?
Take This Course