Course Highlights
  • Ethical hacking is a good career because it is one of the best ways to test a network.
  • Ethical hacking involves a hacker agreeing with an organization or individual who authorizes the hacker to levy cyber attacks on a system or network
  • In addition to proficiency in basic computer skills and use of the command line, ethical hackers must also develop technical skills
  • Many hackers use the Linux operating system (OS) because Linux is a free and open-source OS, meaning that anyone can modify it.
  • Ethical hacking is legal because the hacker has full, expressed permission to test the vulnerabilities of a system.
  • The different types of hackers include white hat hackers who are ethical hackers and are authorized to hack systems, black hat hackers
  • Whether you want to get your first job in IT security, become a white hat hacker, or prepare to check the security of your own home network
  • Penetration testing skills make you a more marketable IT tech. Understanding how to exploit servers, networks, and applications
  • Penetration tests have five different stages. The first stage defines the goals and scope of the test and the testing methods that will be used.
  • There are many types of penetration testing. Internal penetration testing tests an enterprise's internal network.
  • Penetration testing, or pen testing, is the process of attacking an enterprise's network to find any vulnerabilities that are present so they can be patched.
  • Set up a virtual environment to practice without affecting main systems
  • Install Kali Linux - a penetration testing Debian distro
  • Install a virtual system that has vulnerable web applications
  • Basic terms, standards, services, protocols and technologies
  • HTTP protocol, requests and responses
  • HTTPS, TLS/SSL
  • Intercepting HTTP traffic using a personal proxy
  • Gather sensitive information in websites
  • Find known vulnerabilities using a vulnerability database
  • Find known vulnerabilities using search engines
  • Google Hacking Database (GHDB)
  • Discover unpublished directories and files associated with a target website
  • Input and output manipulation
  • Input and output validation approaches
  • Discover and exploit reflected XSS vulnerabilities
  • Discover and exploit stored XSS vulnerabilities
  • Discover DOM-based XSS vulnerabilities
  • Prevent XSS vulnerabilities
  • Discover and exploit SQL injection vulnerabilities, and prevent them
  • Bypass login mechanisms using SQL injections and log in to a website without a password
  • Find more in a database using SQL injection vulnerabilities: databases, tables and sensitive data such as passwords
  • Discover & exploit blind SQL injections
  • Prevent SQL injections
  • Authentication methods and strategies
  • Bypass authentication mechanisms
  • Find unknown usernames and passwords: brute force & dictionary attacks
  • Launch a dictionary attack
  • Access unauthorized processes
  • Escalate privileges
  • Access sensitive data using a path traversal attack
  • Session management mechanism
  • Impersonating a victim with a session fixation attack
  • Discover and exploit CSRF (Cross Site Request Forgery)
  • In many situations, a network seems impenetrable only because it hasn’t succumbed to an attack in years.
  • An ethical hacker is also sometimes referred to as a white hat hacker. Many depend on ethical hackers to identify weaknesses in their networks
  • Ethical hackers and security experts carry out these tests to find any weak spots in a system’s security
Curriculum

1 Topic
Introduction to ethical hacking

5 Topics
Download and Install VirtualBox
Download and Install Kali Linux - VirtualBox
Download and Install Kali Linux Image File
OWASP Image File-2 Download and Add VirtualBox
Create NAT Network and Connections Test with VirtualBox

5 Topics
VMware Download and Install
Kali Linux Install VMware
Kali Image File Add VMware
OWASP Add VMware
Create NAT Network and Connections Test with VMware

1 Topic
Bug Bounty

6 Topics
Basic Terms & Standards
HTTP Protocol Basics and SSL
Intercepting HTTP Traffic with Burp Suite
Intercepting HTTPS Traffic with Burp Suite
Web Attacks Classification
quiz

6 Topics
Introduction to OWASP ZAP
Installation of OWASP ZAP & a Quick Scan
Using OWASP ZAP as a Personal Proxy
Intercepting HTTPS Traffic with OWASP ZAP
Scanning a Website Which Requires Authentication
quiz

3 Topics
Information Gathering & Configuration Management Part 1
Information Gathering & Configuration Management Part 2
quiz

8 Topics
SOP, JavaScript and Input-Output Validation
XSS (Cross Site Scripting) - Reflected XSS
XSS (Cross Site Scripting) - Stored and DOM Based XSS
BeEF - The Browser Exploitation Framework
SQL Injection Part 1
SQL Injection Part 2
SQL Injection Part 3
quiz

6 Topics
Authentication
Authentication Attacks
An Online Dictionary Attack with Hydra
Authorization
Path Traversal Demo
quiz

4 Topics
Session Management
Session Fixation & Demo
Cross Site Request Forgery
quiz

10 Topics
Introduction
Using Search Engines & Google Hacking to Gather Information
Search Engine Tools: SearchDiggity
Shodan
Gathering Information About the People
Web Archives
FOCA - Fingerprinting Organisations with Collected Archives
The Harvester & Recon-NG
Maltego - Visual Link Analysis Tool
quiz

1 Topic
Hacking Web Applications & Penetration Testing: Web Hacking
