Hi, welcome to our web hacking and security course.
In this course, we will teach you how client based, server based and application based web attacks are performed in a simulated/test environment in an ethical way. This course helps the web security professional to mitigate these attack using the recommended solution at the end of each module.
You will be encouraged to practice what you have learned in a simulated environment via our practice "Audio Visual Exercise" session.
We have designed this course to enable those aspiring to enter the information security field to learn core concepts on web hacking in order to safeguard a web infrastructure. By the end of this course, you will be familiar with how various types of web hacks are performed and you will be fully equipped to test and safeguard a web infrastructure against various real-time attack vectors.
This course has been specifically designed by a team of information security researchers who are acknowledged experts in their field.
This course has been designed to accelerate your learning process through the use of creative animations and easy to understand voice over narratives. Complex hacking concepts have been broken down into easy to understand modules.
Together, our team will walk you through the entire learning process step by step.
This course is perfect for existing web designers as well as anybody who is passionate about developing their skills in the field of internet security. No prior training is required to take this course as we will start with the basics. We welcome anyone with a thirst for learning.
We look forward to having you join us. In the meantime, please feel free to take a look at our demo tutorial and exercise before you purchase the full course.
Have you ever wondered what happens behind the scenes when you type "www.google.com" into your browser? Find out here.
Choose the correct answer for the Questions
An introductory look at the list of attack vectors being discussed in the course.
An insight into the tools that are being used to perform the attacks such as burp suite, cookie manager etc., , along with a tutorial on how to set up a simulated environment using DVWA and Webgoat.
The method of sending fraudulent emails, probing people to disclose sensitive data such as user credentials, financial information etc., is called Phishing. This lecture explains how this can be done using a local host and a server.
A step-by-step approach on how to perform Phishing using Local Host and Server.
The method of sending fraudulent emails, probing people to disclose sensitive data such as user credentials, financial information etc., is called Phishing. This lecture explains how this can be done by manipulating the Hosts File in the system.
A step-by-step approach on how to perform Phishing by manipulating the Hosts File in the system.
The method of sending fraudulent emails, probing people to disclose sensitive data such as user credentials, financial information etc., is called Phishing. This lecture explains how this can be done using Base64 Encoding.
A step-by-step approach on how to perform Phishing using Base64 Encoding.
Cross-site scripting (XSS) is a method of exploiting the trust between a server and a client by injecting a malicious script into a site. When the script gets reflected to one user alone, it is called Reflected or Non-Persistent XSS.
A practice session on Reflected XSS variants.
Cross-site scripting (XSS) is a method of exploiting the trust between a server and a client by injecting a malicious script into a site. When the script gets stored in the database and gets reflected to all the users of the application it is known as Persistent XSS.
A practice session on Stored XSS variants.
The act of redirecting a user request to a malicious URL is called URL redirection. This lecture explains how this can be performed using XSS vulnerability.
A practice session that demonstrates the various ways to achieve URL Redirection.
Content Spoofing is the method of replacing authentic content on a web page with fake content. This lecture explains how this can be performed using XSS vulnerability..
A practice session that demonstrates the various ways to achieve Content Spoofing.
This lecture deals with CSRF or XSRF attack, which is nothing but the act of exploiting the trust that a web site has in a user’s browser.
A practice session that gives a glimpse into the aftermath of the variants of CSRF vulnerability.
Get to know how to hijack innocent user clicks! Clickjacking - the act of hijacking the innocent user clicks in a web page to perform any malicious activity.
A step-by-step approach on how to perform a Clickjacking Attack.
Want to increase the 'likes' on your facebook page? Perform Likejacking - An innocent users' clicks on a web page are hijacked to perform the function of a Facebook page’s like button.
When innocent user clicks on a web page is hijacked to perform the function of a facebook page's like button it is called a Likejacking.
As well as the offensive part of Client based attacks in Web hacking as discussed in previous lectures, this lecture deals with the Defensive Mechanisms or mitigation techniques as they are known.
A Brute Force Attack is an exhaustive key search mechanism that uses a trial and error method to obtain sensitive information, such as user passwords, etc. for gaining unauthorized access. This lecture helps in understanding how brute force attacks can be performed.
A step-by-step approach on practicing a brute force attack in a simulated environment.
Making a system or any network resource unavailable to its intended users is called Denial of Service or DOS attack.
Making a system or any network resource unavailable to its intended users is called as Denial of Service or DOS attack.
As well as the offensive part of server based attacks in Web hacking as discussed in previous lectures, this lecture deals with the Defensive Mechanisms or Mitigation Techniques as they are called.
The act of manipulating the parameters exchanged between client and server is called Parameter Tampering.
A session for practicing Parameter Tampering.
As well as the offensive part of Application Based Attacks in Web hacking as discussed in previous lectures, this lecture deals with the Defensive Mechanisms or Mitigation Techniques as they are called.
Learn the basics of SQL, which allows you to get a glimpse of how a query is constructed using the logical operators available.
When the query getting formed on authentication of user credentials in a web application is bypassed, it is called Authentication Bypass.
A session for practicing SQL Authentication Bypass.
As well as the offensive part of SQL Injection attacks in Web Hacking as discussed in previous lectures, this lecture deals with the Defensive Mechanisms or Mitigation Techniques as they are called.
I head the academia and industry relations in infySEC. I am also the director at infySEC .Early from the late 90's, I have been always passionate about computer, espically games which eventually had got interest to learn how computers work, such as application , debugging, disassembling, compiling,etc., with time, the same interest got towards networking, like how packets communicate, how data gets transferred,bandwidth , then got lil into wireless and eventually turning back prooved me i was not anywhere but a lovely apt domain called 'Security', i feel i have been travelling in a very interesting path from where i have started, i would certainly urge everyone of us to try it experience it, its not jus the knowledge but its fun, and yea for me i have miles to go myself.
After 14 years I have turned to focus my efforts on training how attackers hack systems and also started to help them understand how to secure ourselves against such attacks. I decided to teach all that i have learnt over the period of 15 years in form of few videos, which effectively means i teach all that 15 years to you in a week... My instruction is very actionable with live demos and hands on, Also i share lab exercises which will enable you not just to read but impliment what you have learnt, I want students to take the knowledge they gain and start using it to make money or do what they choose to do with it (ofcourse only ethical ones).
In 2013, I along with my team at infySEC, stuck the World Record for conducting the largest and longest ethical hacking Marathon with over 9000+ participants assembled in one location, check us on youtube for reference.
My expectations soon after my graduation about IT company's were shattered :D , afterall they say, you are what your company is.My fellow colleagues and team mates were working for money, i was desperate and searching for some like minded in computers, but again, its been 5 yrs i have been working for Multi national companies, and now i have got full time freelancing, afterall there is no one to question your time restriction of work, domain of work, etc..,You are master of your fate, and captain of your soul.... Live the life you have imagined :D
You will find my teaching style is well liked by my students and they are always looking for new and exciting courses from me.
Harry The Boss - Rating: 5 out of 5
I highly recommend infysec to everyone.I joined the training with absolutely no prior experience in ethical hacking....When I attended a training..It was revelation..The fluidity and crisp and clear understanding of trainer was showing...No jargons. In fact he made a very complex phenomenon very simple to comprehend. I gained much more than expectations.... The trainer was master in his subject knowledge...With answers to any questions shooting at him....
Stacie Stalcup - Rating: 5 out of 5
I enjoy the animation. No matter what computer course Infysec offers, I will most likely take it because of how the subject matter is taught and presented. We aren't forced to look at someone reading powerpoints or watching someone talking into the camera which makes me sleepy and becomes boring. There is no dull PowerPoint here; Instead, InfySEC animates the techniques and after the lessons provide step by step exercises. I wish all Udemy classes were taught this way.
Dominik Koszkul - Rating: 5 out of 5
This course quickly shows what are dangers in web. Great for beginners to realize how to write the web applications and secure the servers against attackers
Raymundo Torres - Rating: 5 out of 5
This instruction video was great. Just stuck to the material and explained it thoroughly with visual images and examples. This video inspired me to start a smalll training program for my fellow colleagues. Thanks!
Diana Carolina Gómez - Rating: 5 out of 5
Because the explanations have simple examples and close to reality. This helps to recognize and understand the content of the course easier.
Miteshkumar Joshi - Rating: 5 out of 5
Having some knowledge on HTTP, this course is suitable for me and clearly defines some areas where I was findling it diffculty.
Come , lets togather make the world a secure place to live in !