3.31 (8 reviews)
☑ How to Pentest webapps efficiently
☑ What a bug is and how you can exploit it
☑ How to create a Proof of Concept for each bug
Web applications are the most important part of the Internet. Whether you want to use email, download files, buffer some videos, or socialize with your friends, you use web applications.
Web application security testing is a hot topic nowadays: every company that creates websites or has its own network, like Facebook and Google, needs testers. The tester performs all the tests on the web application to make it secure.
Web applications have a couple of vulnerabilities that developers usually neglect.
A web application tester earns around $103,000 per annum, and beyond that you can earn a lot of money by doing bug bounties in your spare time.
In this course I will teach you how to perform different types of testing, such as testing input validation, testing the authorization and authentication schemes and any possible bypasses of them, and looking at file upload, cross-origin resource sharing and other useful topics. I am creating labs for some other vulnerabilities, for example business logic, so they will be arriving soon.
I am going to cover most of the testing methods in this course and will update it on a regular basis. So let's put a break on words and start learning.
Learning how to use the tools
Using DirBuster to identify the hidden directories
Different Type of Nmap Scans
Different type of Nmap Scans with demonstration
Banner Grabbing Using Nmap
Configuring Burp Suite
Burp Suite: All about tabs 1
Burp Suite: All About Tabs 2
Wrapping Up Burp
Setting Up the Environment
Setting Up Environment 2
Configuration And Deployment Management Testing
HTTP Strict Transport Security
Enumerating Sensitive Endpoints
Input Validation Testing
What You will Learn in this section
Different type of XSS
HTTP Parameter Pollution
What You Will Learn in this section
Authentication Issues 1
Authentication Issues 2
Session Management Issues
What you will learn in this section
Session Management 1
Session Management 2
Testing For Weak Session IDs
Client Side Issue
File Upload Vulnerabilities
Unrestricted File Upload
Open Redirect Demo
CSP (Content Security Policy)
So far we are just doing practical things. I guess it would be a very good thing to user history of the tools and much more examples.