

Pentesting WebApplications: From a Tester's Perspective

A guide for performing WebApplication Security Testing or Pentesting

3.31 (8 reviews)



3.5 hours


Last update: Nov 2020

What you will learn

How to pentest web apps efficiently

What a bug is and how you can exploit it

How to create a Proof of Concept for each bug


Web applications are the most important part of the Internet. Whether you want to use email, download files, buffer some videos, or socialize with your friends, you use web applications.

Web application security testing is a hot topic nowadays. Every company that creates websites or has its own network, like Facebook and Google, needs testers. The tester performs all the tests on the web application to make it secure.

Web applications have a couple of vulnerabilities that developers usually neglect.

A web application tester earns around $103,000 per annum, and not only that: you can also earn a lot of money by doing bug bounties in your spare time.

In this course I will teach you how to perform different types of testing, such as input validation testing, how to test the authorization and authentication schemas along with any possible bypasses of them, and how to look for file upload issues, cross-origin resource sharing issues and other useful stuff. I am creating labs for some other vulnerabilities, for example business logic, so they will be arriving soon.

I am going to cover most of the testing methods in this course and will update it on a regular basis. So let's put a break on words and start learning.




Learning how to use the tools

Using DirBuster to identify the hidden directories

Using Nmap

Different Types of Nmap Scans

Different Types of Nmap Scans with Demonstration

Banner Grabbing Using Nmap

Enumerating SubDomains

Burp Suite

Configuring Burp Suite

Burp Suite: All about tabs 1

Burp Suite: All About Tabs 2

Wrapping Up Burp

Lab Setup


Setting Up the Environment

Setting Up Environment 2

Configuration And Deployment Management Testing

HTTP Strict Transport Security

Enumerating Sensitive Endpoints

Input Validation Testing

What You will Learn in this section

HTML Injection

XSS Basics

Different Types of XSS

HTTP Parameter Pollution

Authentication Issues

What You Will Learn in this section

Authentication Issues 1

Authentication Issues 2

Session Management Issues

What you will learn in this section

Cookie Attributes

Session Management 1

Session Management 2

Testing For Weak Session IDs


Authorization Testing

File Include


Client Side Issue



File Upload Vulnerabilities

Unrestricted File Upload

Open Redirect

Open Redirect Demo


CSP (Content Security Policy)


Oscar, 17 March 2019

So far we are just doing practical things. I guess it would be a very good thing to user history of the tools and much more examples.

