OWASP Top 10 2017: Exploit and Mitigation

Web Application Pentesting and Mitigations

3.65 (147 reviews)
Udemy
platform
English
language
Other
category
instructor
11,200
students
1.5 hours
content
Jun 2020
last update
$19.99
regular price

What you will learn

Web Application Pentesting

Completing 20 exercise of Mutillidae Vulnerable Web Application

OWASP top 10 2017

Mitigations for each vulnerability

Secure code for mitigation

Description

We will be looking at the OWASP Top 10 web attacks 2017. Students are going to understand each attack by practicing them on their own with the help of this course. We will use Mutillidae 2 Vulnerable Web Application for all attack practice. We will start from setting up the lab to exploiting each vulnerability.

This course not just focuses on attacks but also helps understanding the mitigations for each vulnerability.

Students will understand the mitigations through Secure Source Codes and Best Practices provided in this course that should be followed by the developers to protect their web application from these vulnerabilities.

Content

Introduction

Topics Covered

Mutillidae Lab Setup

Lab Setup

Exploiting Mutillidae

Union Based Injection
Command Injection
Authentication Bypass
Injection Using Sqlmap
Login Bruteforce
User Enumeration
Sensitive Data Exposure
"Secret" Administrative Page
XML External Entities
Local File Inclusion
Text File Viewer
Missing Function Level Access Control
Privilege Escalation
Directory Browsing
Reflected XSS
Stored XSS
DOM Based XSS
Insecure Deserialization
Using Components with Known Vulnerabilities
Insufficient Logging and Monitoring

Mitigations

A1
A2
A3
A4
A5
A6
A7
A8
A9
A10

Screenshots

OWASP Top 10 2017: Exploit and Mitigation - Screenshot_01OWASP Top 10 2017: Exploit and Mitigation - Screenshot_02OWASP Top 10 2017: Exploit and Mitigation - Screenshot_03OWASP Top 10 2017: Exploit and Mitigation - Screenshot_04

Reviews

Tyrell
May 27, 2022
Bad audio and strong accent. Hard for me to understand or stand. Read directly from slides with people sweeping / talking in background. Provided some mitigation reasoning which is good, but ultimately nothing new
Matthew
September 23, 2021
A lot of information and examples of doing something. but no real explanation on why or what its doing or why it works. talks about mitigation but doesn't actually show any examples of how to mitigate the exploits

Coupons

DateDiscountStatus
1/9/2021100% OFF
expired
3/4/2021100% OFF
expired

Charts

Price

OWASP Top 10 2017: Exploit and Mitigation - Price chart

Rating

OWASP Top 10 2017: Exploit and Mitigation - Ratings chart

Enrollment distribution

OWASP Top 10 2017: Exploit and Mitigation - Distribution chart

Related Topics

3053168
udemy ID
4/26/2020
course created date
6/19/2020
course indexed date
Bot
course submited by