Web hacking and Security
4.3 (273 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
1,662 students enrolled
Wishlisted Wishlist

Please confirm that you want to add Web hacking and Security to your Wishlist.

Add to Wishlist

Web hacking and Security

Basic to Intermediate level course for IT Security aspirants
Bestselling
4.3 (273 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
1,662 students enrolled
Last updated 11/2016
English
Current price: $10 Original price: $50 Discount: 80% off
5 hours left at this price!
30-Day Money-Back Guarantee
Includes:
  • 1.5 hours on-demand video
  • 6 Supplemental Resources
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What Will I Learn?
  • Understand how web works?
  • Understand what cruise missile architecture is?
  • Understand how Client based attacks are performed?
  • Understand how Application based attacks are performed?
  • Understand how Server based attacks are performed?
  • Learn possible countermeasures to defend against these attacks.
  • Acquire an expertise on web security.
View Curriculum
Requirements
  • This course includes all the material required either as video or as a downloadable link hence there is no pre required materials or softwares for this course.
  • No prior training is required to take this course as we will start with the basics.
  • We welcome anyone with a thirst for learning
Description

Hi, welcome to our web hacking and security course.

In this course, we will teach you how client based, server based and application based web attacks are performed in a simulated/test environment in an ethical way. This course helps the web security professional to mitigate these attack using the recommended solution at the end of each module.

You will be encouraged to practice what you have learned in a simulated environment via our practice "Audio Visual Exercise" session.

We have designed this course to enable those aspiring to enter the information security field to learn core concepts on web hacking in order to safeguard a web infrastructure. By the end of this course, you will be familiar with how various types of web hacks are performed and you will be fully equipped to test and safeguard a web infrastructure against various real-time attack vectors.

This course has been specifically designed by a team of information security researchers who are acknowledged experts in their field.

This course has been designed to accelerate your learning process through the use of creative animations and easy to understand voice over narratives. Complex hacking concepts have been broken down into easy to understand modules.

Together, our team will walk you through the entire learning process step by step.

This course is perfect for existing web designers as well as anybody who is passionate about developing their skills in the field of internet security. No prior training is required to take this course as we will start with the basics. We welcome anyone with a thirst for learning.

We look forward to having you join us. In the meantime, please feel free to take a look at our demo tutorial and exercise before you purchase the full course.

Who is the target audience?
  • The course covers ground basics about web, hence student with no prior knowledge on web can opt for this course.
  • This course is perfect for existing web designers as well as anybody who is passionate about developing their skills in the field of internet security.
  • We have designed this course to enable those aspiring to enter the information security field to learn core concepts on web hacking.
  • Very rarely this course consist of software codes, however those codes are explained in a detailed manner. Hence one shouldn't bother about prior coding knowledge.
  • By the end of this course you will be familiar with how various types of web hacks are performed and you will be fully equipped to test web infrastructure against various real time attack vectors.
Students Who Viewed This Course Also Viewed
Curriculum For This Course
35 Lectures
01:51:15
+
Introduction
4 Lectures 27:23

This part provides an overview of the entire course structure.

Preview 00:28

Have you ever wondered what happens behind the scenes when you type "www.google.com" into your browser? Find out here.

Web Basics
10:24

Choose the correct answer for the Questions

WEB BASICS
3 questions

An introductory look at the list of attack vectors being discussed in the course.

Introduction
01:46

An insight into the tools that are being used to perform the attacks such as burp suite, cookie manager etc., , along with a tutorial on how to set up a simulated environment using DVWA and Webgoat.

Tools Walkthrough
14:45
+
Client Based Attacks
20 Lectures 35:47

The method of sending fraudulent emails, probing people to disclose sensitive data such as user credentials, financial information etc., is called Phishing. This lecture explains how this can be done using a local host and a server.

Preview 04:49

A step-by-step approach on how to perform Phishing using Local Host and Server.

Preview 03:36

The method of sending fraudulent emails, probing people to disclose sensitive data such as user credentials, financial information etc., is called Phishing. This lecture explains how this can be done by manipulating the Hosts File in the system.

Phishing - Host File Manipulation
01:36

A step-by-step approach on how to perform Phishing by manipulating the Hosts File in the system.

Exercise clip - Phishing - Host File Manipulation
02:59

The method of sending fraudulent emails, probing people to disclose sensitive data such as user credentials, financial information etc., is called Phishing. This lecture explains how this can be done using Base64 Encoding.

Phishing - Base64 Encoding
02:29

A step-by-step approach on how to perform Phishing using Base64 Encoding.

Exercise clip - Phishing - Base64 Encoding
01:28

Cross-site scripting (XSS) is a method of exploiting the trust between a server and a client by injecting a malicious script into a site. When the script gets reflected to one user alone, it is called Reflected or Non-Persistent XSS.

Cross Site Scripting - Reflected
02:21

A practice session on Reflected XSS variants.

Exercise clip - XSS - Reflected
01:09

Cross-site scripting (XSS) is a method of exploiting the trust between a server and a client by injecting a malicious script into a site. When the script gets stored in the database and gets reflected to all the users of the application it is known as Persistent XSS.

Cross Site Scripting - Stored
01:15

A practice session on Stored XSS variants.

Exercise clip - XSS - Stored
00:57

The act of redirecting a user request to a malicious URL is called URL redirection. This lecture explains how this can be performed using XSS vulnerability.

URL Redirection
00:58

A practice session that demonstrates the various ways to achieve URL Redirection.

Exercise clip - URL Redirection
00:56

Content Spoofing is the method of replacing authentic content on a web page with fake content. This lecture explains how this can be performed using XSS vulnerability..

Content Spoofing
01:52

A practice session that demonstrates the various ways to achieve Content Spoofing.

Exercise clip - Content Spoofing
00:49

This lecture deals with CSRF or XSRF attack, which is nothing but the act of exploiting the trust that a web site has in a user’s browser.

Cross Site Request Forgery
02:29

A practice session that gives a glimpse into the aftermath of the variants of CSRF vulnerability.

Exercise clip - XSRF
00:55

Get to know how to hijack innocent user clicks! Clickjacking - the act of hijacking the innocent user clicks in a web page to perform any malicious activity.

Clickjacking
02:25

A step-by-step approach on how to perform a Clickjacking Attack.

Exercise clip - Clickjacking
01:08

Want to increase the 'likes' on your facebook page? Perform Likejacking - An innocent users' clicks on a web page are hijacked to perform the function of a Facebook page’s like button.

Likejacking
01:36

When innocent user clicks on a web page is hijacked to perform the function of a facebook page's like button it is called a Likejacking.

Likejacking
1 question

As well as the offensive part of Client based attacks in Web hacking as discussed in previous lectures, this lecture deals with the Defensive Mechanisms or mitigation techniques as they are known.

Mitigation Techniques - Client-Based Attacks
6 pages
+
Server Based Attacks
4 Lectures 16:29

A Brute Force Attack is an exhaustive key search mechanism that uses a trial and error method to obtain sensitive information, such as user passwords, etc. for gaining unauthorized access. This lecture helps in understanding how brute force attacks can be performed.

Bruteforce Attack
04:29

A step-by-step approach on practicing a brute force attack in a simulated environment.

Exercise clip - Bruteforce
08:35

Making a system or any network resource unavailable to its intended users is called Denial of Service or DOS attack.

Denial of Service (DOS)
03:25

Making a system or any network resource unavailable to its intended users is called as Denial of Service or DOS attack.

Denial Of Service Attack
3 questions

As well as the offensive part of server based attacks in Web hacking as discussed in previous lectures, this lecture deals with the Defensive Mechanisms or Mitigation Techniques as they are called.

Mitigation Techniques - Server-Based Attacks
3 pages
+
Application Based Attacks
3 Lectures 08:39

The act of manipulating the parameters exchanged between client and server is called Parameter Tampering.

Parameter Tampering
04:39

A session for practicing Parameter Tampering.

Exercise clip - Parameter Tampering
04:00

As well as the offensive part of Application Based Attacks in Web hacking as discussed in previous lectures, this lecture deals with the Defensive Mechanisms or Mitigation Techniques as they are called.

Mitigation Techniques - Application-Based Attacks
2 pages
+
SQL Injection - Basics level
4 Lectures 10:57

Learn the basics of SQL, which allows you to get a glimpse of how a query is constructed using the logical operators available.

Preview 06:46

When the query getting formed on authentication of user credentials in a web application is bypassed, it is called Authentication Bypass.

Authentication Bypass
03:09

A session for practicing SQL Authentication Bypass.

Exercise clip - SQL Injection - Authentication Bypass
01:02

As well as the offensive part of SQL Injection attacks in Web Hacking as discussed in previous lectures, this lecture deals with the Defensive Mechanisms or Mitigation Techniques as they are called.

Mitigation Techniques - SQL Injection
1 page
About the Instructor
Creative Instructor - Director infySEC UK
4.4 Average rating
499 Reviews
2,638 Students
7 Courses
To ReInforce Trust in IT

infySEC is a rapidly growing Information Security Services Organization. Our focus is on three areas: Client Security, Research & Development and Information Security Education. infySEC is committed in providing an innovative set of services that address our client's security needs. infySEC keeps focusing on Research & Development, Vulnerabilities Analysis and Tools Development.