Web Application Hacking & Penetration Testing

Learn how to hack web applications and exploit OWASP top 10 security vulnerabilities.

Free tutorial

8,013 students

1hr 47min of on-demand video

Created by Vivek Kumar

English

English [Auto]

Current price: Free

What you’ll learn

  • Learn web application security vulnerabilities
  • Exploit Injection – SQL Injection, Command injection
  • Broken Authentication and Session Management
  • Sensitive Data Exposure
  • XML External Entities (XXE) attack
  • Broken Access Control/Insecure Direct Object References
  • Security Misconfiguration
  • Cross-Site Scripting (XSS) – Persistent XSS, Reflected XSS, Cross Site Request Forgery (CSRF)
  • Insecure Deserialization
  • Using Components with Known Vulnerabilities
  • Insufficient Logging and Monitoring
  • Bonus Section – Unvalidated Redirects and Forwards

Requirements

  • Basic IT skills
  • No Hacking knowledge required

Description

If you are looking for a course that provides good coverage of the important top 10 security vulnerabilities in web applications in a short and concise way, then you have come to the right place! This course is relevant whether you are looking at applications that are deployed in the cloud or on physical servers and VMs, since web application vulnerabilities don’t magically disappear just because the application is deployed in the cloud.

This course is focused on practical learning and applying your knowledge. To achieve that, the course includes a tutorial on how to install the XAMPP server and vulnerable applications on your machine so that you can practice what you are learning rather than just watch the tutorials.

There are many courses which mainly focus on how to exploit the vulnerabilities of physical servers, but with the cloud being the preferred way nowadays to deploy applications, and with the advances made in securing physical servers, learning those techniques may not prove to be very advantageous.

This course covers the below OWASP top 10 web application security risks –

1. Injection – SQL Injection, Command Injection

2. Broken Authentication

3. Sensitive Data Exposure

4. XML External Entities (XXE)

5. Broken Access Control

6. Security Misconfiguration

7. Cross-Site Scripting (XSS)

8. Insecure Deserialization

9. Using Components with Known Vulnerabilities

10. Insufficient Logging and Monitoring

This course is for educational purposes only.

Who this course is for:

  • Anyone who is interested in learning Web Application Hacking and Penetration Testing
  • Students, Developers, Testers, IT Professionals, etc.

Course content

14 sections • 33 lectures • 1h 51m total length

Introduction: 1 lecture • 3min

  • Introduction (02:38)

Installation: 3 lectures • 18min

  • Install XAMPP (04:33)
  • Install DVWA and Mutillidae (06:41)
  • Install Burp Suite and Capture traffic (06:44)

Information Gathering: 3 lectures • 12min

  • Website information and technologies used (04:33)
  • Web application subdomains (04:26)
  • Finding other web applications installed on server (03:03)

Injection vulnerability: 4 lectures • 23min

  • Injection, Real breaches (02:20)
  • SQL injection – Get database, tables and users credentials (09:40)
  • SQL injection – ByPass checks on login page at low and medium secure levels (08:26)
  • Command injection vulnerability (02:48)

Broken Authentication vulnerability: 3 lectures • 7min

  • Broken Authentication and Real Breaches (01:20)
  • Logging as Admin by manipulating cookies (03:51)
  • Username Harvesting (01:23)

Sensitive Data Exposure: 3 lectures • 8min

  • Sensitive Data Exposure – Real Breaches (01:56)
  • Paths Exposed by Robots file and Accounts Exposed (02:30)
  • Sensitive Information Disclosure (03:57)

XML External Entities (XXE) vulnerability: 2 lectures • 5min

  • XML External Entities (XXE) Flaw and Real Breaches (01:27)
  • XXE Vulnerability Demonstration (03:03)

Broken Access Control Vulnerability: 4 lectures • 11min

  • Broken Access Control and Real Breaches (02:12)
  • Insecure Direct Object Reference (IDOR) (03:55)
  • Local File Inclusion Flaw (01:39)
  • Remote File Inclusion Flaw (03:38)

Security Misconfiguration: 3 lectures • 6min

  • Security Misconfiguration – Real Breaches (01:33)
  • Directory Browsing Issue (02:07)
  • Unrestricted File Upload Issue (02:02)

Cross-Site Scripting (XSS) & Cross Site Request Forgery (CSRF): 3 lectures • 14min

  • XSS Flaw and Real Breaches (02:06)
  • Persistent and Reflected XSS Demonstration (03:41)
  • Cross Site Request Forgery (CSRF) Demonstration (08:26)

Insecure Deserialization: 1 lecture • 1min

  • Insecure Deserialization Vulnerability (00:58)

Using Components with Known Vulnerabilities: 1 lecture • 1min

  • Using Components with Known Vulnerabilities (00:53)

Insufficient Logging & Monitoring: 1 lecture • 2min

  • Insufficient Logging & Monitoring (02:14)

Bonus Section: 1 lecture • 1min

  • Unvalidated Redirects and Forwards (00:53)
