Web hacking and Security
4.3 (301 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
1,805 students enrolled
Wishlisted Wishlist

Please confirm that you want to add Web hacking and Security to your Wishlist.

Add to Wishlist

Web hacking and Security

Basic to Intermediate level course for IT Security aspirants
Best Seller
4.3 (301 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
1,805 students enrolled
Created by infySEC Global
Last updated 11/2016
English
Price: $50
30-Day Money-Back Guarantee
Includes:
  • 1.5 hours on-demand video
  • 6 Supplemental Resources
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What Will I Learn?
  • Understand how web works?
  • Understand what cruise missile architecture is?
  • Understand how Client based attacks are performed?
  • Understand how Application based attacks are performed?
  • Understand how Server based attacks are performed?
  • Learn possible countermeasures to defend against these attacks.
  • Acquire an expertise on web security.
View Curriculum
Requirements
  • This course includes all the material required either as video or as a downloadable link hence there is no pre required materials or softwares for this course.
  • No prior training is required to take this course as we will start with the basics.
  • We welcome anyone with a thirst for learning
Description

Hi, welcome to our web hacking and security course.

In this course, we will teach you how client based, server based and application based web attacks are performed in a simulated/test environment in an ethical way. This course helps the web security professional to mitigate these attack using the recommended solution at the end of each module.

You will be encouraged to practice what you have learned in a simulated environment via our practice "Audio Visual Exercise" session.

We have designed this course to enable those aspiring to enter the information security field to learn core concepts on web hacking in order to safeguard a web infrastructure. By the end of this course, you will be familiar with how various types of web hacks are performed and you will be fully equipped to test and safeguard a web infrastructure against various real-time attack vectors.

This course has been specifically designed by a team of information security researchers who are acknowledged experts in their field.

This course has been designed to accelerate your learning process through the use of creative animations and easy to understand voice over narratives. Complex hacking concepts have been broken down into easy to understand modules.

Together, our team will walk you through the entire learning process step by step.

This course is perfect for existing web designers as well as anybody who is passionate about developing their skills in the field of internet security. No prior training is required to take this course as we will start with the basics. We welcome anyone with a thirst for learning.

We look forward to having you join us. In the meantime, please feel free to take a look at our demo tutorial and exercise before you purchase the full course.

Who is the target audience?
  • The course covers ground basics about web, hence student with no prior knowledge on web can opt for this course.
  • This course is perfect for existing web designers as well as anybody who is passionate about developing their skills in the field of internet security.
  • We have designed this course to enable those aspiring to enter the information security field to learn core concepts on web hacking.
  • Very rarely this course consist of software codes, however those codes are explained in a detailed manner. Hence one shouldn't bother about prior coding knowledge.
  • By the end of this course you will be familiar with how various types of web hacks are performed and you will be fully equipped to test web infrastructure against various real time attack vectors.
Compare to Other Ethical Hacking Courses
Curriculum For This Course
35 Lectures
01:51:15
+
Introduction
4 Lectures 27:23

This part provides an overview of the entire course structure.

Preview 00:28

Have you ever wondered what happens behind the scenes when you type "www.google.com" into your browser? Find out here.

Web Basics
10:24

Choose the correct answer for the Questions

WEB BASICS
3 questions

An introductory look at the list of attack vectors being discussed in the course.

Introduction
01:46

An insight into the tools that are being used to perform the attacks such as burp suite, cookie manager etc., , along with a tutorial on how to set up a simulated environment using DVWA and Webgoat.

Tools Walkthrough
14:45
+
Client Based Attacks
20 Lectures 35:47

The method of sending fraudulent emails, probing people to disclose sensitive data such as user credentials, financial information etc., is called Phishing. This lecture explains how this can be done using a local host and a server.

Preview 04:49

A step-by-step approach on how to perform Phishing using Local Host and Server.

Preview 03:36

The method of sending fraudulent emails, probing people to disclose sensitive data such as user credentials, financial information etc., is called Phishing. This lecture explains how this can be done by manipulating the Hosts File in the system.

Phishing - Host File Manipulation
01:36

A step-by-step approach on how to perform Phishing by manipulating the Hosts File in the system.

Exercise clip - Phishing - Host File Manipulation
02:59

The method of sending fraudulent emails, probing people to disclose sensitive data such as user credentials, financial information etc., is called Phishing. This lecture explains how this can be done using Base64 Encoding.

Phishing - Base64 Encoding
02:29

A step-by-step approach on how to perform Phishing using Base64 Encoding.

Exercise clip - Phishing - Base64 Encoding
01:28

Cross-site scripting (XSS) is a method of exploiting the trust between a server and a client by injecting a malicious script into a site. When the script gets reflected to one user alone, it is called Reflected or Non-Persistent XSS.

Cross Site Scripting - Reflected
02:21

A practice session on Reflected XSS variants.

Exercise clip - XSS - Reflected
01:09

Cross-site scripting (XSS) is a method of exploiting the trust between a server and a client by injecting a malicious script into a site. When the script gets stored in the database and gets reflected to all the users of the application it is known as Persistent XSS.

Cross Site Scripting - Stored
01:15

A practice session on Stored XSS variants.

Exercise clip - XSS - Stored
00:57

The act of redirecting a user request to a malicious URL is called URL redirection. This lecture explains how this can be performed using XSS vulnerability.

URL Redirection
00:58

A practice session that demonstrates the various ways to achieve URL Redirection.

Exercise clip - URL Redirection
00:56

Content Spoofing is the method of replacing authentic content on a web page with fake content. This lecture explains how this can be performed using XSS vulnerability..

Content Spoofing
01:52

A practice session that demonstrates the various ways to achieve Content Spoofing.

Exercise clip - Content Spoofing
00:49

This lecture deals with CSRF or XSRF attack, which is nothing but the act of exploiting the trust that a web site has in a user’s browser.

Cross Site Request Forgery
02:29

A practice session that gives a glimpse into the aftermath of the variants of CSRF vulnerability.

Exercise clip - XSRF
00:55

Get to know how to hijack innocent user clicks! Clickjacking - the act of hijacking the innocent user clicks in a web page to perform any malicious activity.

Clickjacking
02:25

A step-by-step approach on how to perform a Clickjacking Attack.

Exercise clip - Clickjacking
01:08

Want to increase the 'likes' on your facebook page? Perform Likejacking - An innocent users' clicks on a web page are hijacked to perform the function of a Facebook page’s like button.

Likejacking
01:36

When innocent user clicks on a web page is hijacked to perform the function of a facebook page's like button it is called a Likejacking.

Likejacking
1 question

As well as the offensive part of Client based attacks in Web hacking as discussed in previous lectures, this lecture deals with the Defensive Mechanisms or mitigation techniques as they are known.

Mitigation Techniques - Client-Based Attacks
6 pages
+
Server Based Attacks
4 Lectures 16:29

A Brute Force Attack is an exhaustive key search mechanism that uses a trial and error method to obtain sensitive information, such as user passwords, etc. for gaining unauthorized access. This lecture helps in understanding how brute force attacks can be performed.

Bruteforce Attack
04:29

A step-by-step approach on practicing a brute force attack in a simulated environment.

Exercise clip - Bruteforce
08:35

Making a system or any network resource unavailable to its intended users is called Denial of Service or DOS attack.

Denial of Service (DOS)
03:25

Making a system or any network resource unavailable to its intended users is called as Denial of Service or DOS attack.

Denial Of Service Attack
3 questions

As well as the offensive part of server based attacks in Web hacking as discussed in previous lectures, this lecture deals with the Defensive Mechanisms or Mitigation Techniques as they are called.

Mitigation Techniques - Server-Based Attacks
3 pages
+
Application Based Attacks
3 Lectures 08:39

The act of manipulating the parameters exchanged between client and server is called Parameter Tampering.

Parameter Tampering
04:39

A session for practicing Parameter Tampering.

Exercise clip - Parameter Tampering
04:00

As well as the offensive part of Application Based Attacks in Web hacking as discussed in previous lectures, this lecture deals with the Defensive Mechanisms or Mitigation Techniques as they are called.

Mitigation Techniques - Application-Based Attacks
2 pages
+
SQL Injection - Basics level
4 Lectures 10:57

Learn the basics of SQL, which allows you to get a glimpse of how a query is constructed using the logical operators available.

Preview 06:46

When the query getting formed on authentication of user credentials in a web application is bypassed, it is called Authentication Bypass.

Authentication Bypass
03:09

A session for practicing SQL Authentication Bypass.

Exercise clip - SQL Injection - Authentication Bypass
01:02

As well as the offensive part of SQL Injection attacks in Web Hacking as discussed in previous lectures, this lecture deals with the Defensive Mechanisms or Mitigation Techniques as they are called.

Mitigation Techniques - SQL Injection
1 page
About the Instructor
infySEC Global
4.3 Average rating
879 Reviews
12,628 Students
8 Courses
Head - Cyber Security Research

I head the academia and industry relations in  infySEC. I am also the director at infySEC .Early from the late 90's, I have been always passionate about computer, espically games which eventually had got interest to learn how computers work, such as application , debugging, disassembling, compiling,etc., with time, the same interest got towards networking, like how packets communicate, how data gets transferred,bandwidth , then got lil into wireless and eventually turning back prooved me i was not anywhere but a lovely apt domain called 'Security', i feel i have been travelling in a very interesting path from where i have started, i would certainly urge everyone of us to try it experience it, its not jus the knowledge but its fun, and yea for me i have miles to go myself.

After 14 years I have turned to focus my efforts on training how attackers hack systems and also started to help them understand how to secure ourselves against such attacks. I decided to teach all that i have learnt over the period of 15 years in form of few videos, which effectively means i teach all that 15 years to you in a week...  My instruction is very actionable with live demos and hands on, Also i share lab exercises which will enable you not just to read but impliment what you have learnt, I want students to take the knowledge they gain and start using it to make money or do what they choose to do with it (ofcourse only ethical ones). 

In 2013, I along with my team at infySEC, stuck the World Record for conducting the largest and longest ethical hacking Marathon with over 9000+ participants assembled in one location, check us on youtube for reference.

My expectations soon after my graduation about IT company's were shattered :D , afterall they say, you are what your company is.My fellow colleagues and team mates were working for money, i was desperate and searching for some like minded in computers, but again, its been 5 yrs i have been working for Multi national companies, and now i have got full time freelancing, afterall there is no one to question your time restriction of work, domain of work, etc..,You are master of your fate, and captain of your soul.... Live the life you have imagined :D

You will find my teaching style is well liked by my students and they are always looking for new and exciting courses from me.

Harry The Boss - Rating: 5 out of 5
I highly recommend infysec to everyone.I joined the training with absolutely no prior experience in ethical hacking....When I attended a training..It was revelation..The fluidity and crisp and clear understanding of trainer was showing...No jargons.  In fact he made a very complex phenomenon very simple to comprehend. I gained much more than expectations.... The trainer was master in his subject knowledge...With answers to any questions shooting at him....

Stacie Stalcup - Rating: 5 out of 5
I enjoy the animation. No matter what computer course Infysec offers, I will most likely take it because of how the subject matter is taught and presented. We aren't forced to look at someone reading powerpoints or watching someone talking into the camera which makes me sleepy and becomes boring. There is no dull PowerPoint here; Instead, InfySEC animates the techniques and after the lessons provide step by step exercises. I wish all Udemy classes were taught this way.

Dominik Koszkul - Rating: 5 out of 5
This course quickly shows what are dangers in web. Great for beginners to realize how to write the web applications and secure the servers against attackers

Raymundo Torres - Rating: 5 out of 5
This instruction video was great. Just stuck to the material and explained it thoroughly with visual images and examples. This video inspired me to start a smalll training program for my fellow colleagues. Thanks!

Diana Carolina Gómez  - Rating: 5 out of 5
Because the explanations have simple examples and close to reality. This helps to recognize and understand the content of the course easier.

Miteshkumar Joshi -  Rating: 5 out of 5
Having some knowledge on HTTP, this course is suitable for me and clearly defines some areas where I was findling it diffculty.

Come , lets togather make the world a secure place to live in !