4.40 (91 reviews)
☑ Audit on any web app
☑ OWASP testing methodology
☑ Find complex bugs and security issues
Before I share my goal with this course, Let me first help you to get the big picture!
You see, All these Big Companies and Top Brands,
Well, When these companies get's Hacked/Breached, They are sued in the court by one person or another
THE ONLY WAY TO GET OUT IS BY PROVING DUE DILIGENCE.!!!
Now you may ask why should you care?
In a nutshell, They have to present a BOOK to the court. This book is a 100-150 page methodology report.
They show that We did all the tests given in a Global Methodology. Now if they get hacked, it's not their fault
HAVE YOU HEARD ABOUT OWASP TOP 10?
Sadly the experts promote this concept too excessively :(
Most beginners in the industry think that this will get them a job.
OWASP Top 10 is not what anyone will ask you in an interview. Infact, It is the OWASP Testing Methodology, they are looking for!!!
I want to teach you this methodology and help you differentiate yourself from the rest.
This course will allow you the Gain the ability to do a Complete Web Application Audit and create that book!
Now before you press that Enrol Button, I want to tell you that this course is not meant for everyone.
There is a lot of work needed. This won't be a Feed Me From Spoon Experience. Things are tough, But if you are willing to put in that Extra Concentrated Effort for a week on this course...
This is the best decision you would have made. Moreover, There is no way you can go wrong with Udemy's Money Back Guarantee.
Let's dive in this journey from zero to hero on web app testing.
~ Mandeep Singh
Welcome To This Course
Conduct Search Engine Discovery Reconnaissance for Information Leakage
Fingerprint Web Server
Review Web Server Meta Files
Review Web Page Comments And Meta Tags
Fingerprint Web App Framework
Configuration and Deployment Management Testing
Identity Management Testing
Testing for Weak or Unenforced Username Policy
Bypass Authentication Schema
Session Management Testing
Testing for Cross Site Request Forgery
Input Validation Testing
Testing for Cross Site Scripting
Testing for SQL Injection
Testing for SQL Injection -Continue
Testing for Command Injection
Testing for LDAP Injection
HTTP Verb Tampering
Testing for XXE
HTTP Parameter Pollution
Client Side Testing
A great course covering a great range of topics. The student needs to apply the ideas given in other contexts and also needs to undertake further research and experimentation. It is easy to see why the tutor has been very successful with bug bounty hunting. I have been bug bounty hunting for some time and this course introduced a number of fresh ideas and approaches, as well as a number of what I would call "short cuts" which speed up the process. The course covers the subjects at some speed so some basic bug bounty background would be a help, but is not essential. The explanations, particularly in the important SQL and XSS sections were good however students do need to spend a bit of extra time and to work through the examples. I highly recommend this course.
thank you very much for clearing my so many doubts Mandeep. It was very helpful to enrol in this course and finishing it. Hope to learn more in future from you and Udemy. Keep it up.
Amazing content and most important point is, it is based on real scenario. Only the downgrade I feel is explanation is not detailed as I needed.
This course helped me a lot to enhance my knowledge and understanding of web application testing. Apart from the course, support and guidance provided by sir is really great and appreciable. Awaiting for further courses by Mandeep sir.
Exact point to point explaination of the topics and the way of explaining the terms is the best part of the lecture. And also the suggestion how to study the things is the best.
IT'S Best for beginners those who want to learn bug Bounty in easy manner . And thanks for this course
The course shows us the real world scenerio regarding hacking and pen-testing... We do have various web apps out there just for testing our skills like DVWA , metasploitable2 etc... One can learn hacking on them but believe me, they are just outdated the vulnerabilities we find in them are nearly deprecated... In real life literally no website posses those vulnerabilities and in enterprise security , one has to approach Multinational-Companies which are secured by Intrusion Detection Systems and this is the real world scene of penetration testing... Our Instructor MANDEEP SINGH , did a great job to provide his personal experience in this course, regarding the real world scenario of penetration testing...
I loved the way to teach thanks for your effort and knowledge. i read book and got inspiration from you.
The instructor has demonstrated subject matter level expertise in this training. I definitely know how to perform many more attacks that I only understood in theory. Awesome.
The course is tough and gets complex around midway. Very good resource for mastering the OWASP Top 10 and Web Application Penetration Testing.
i really like this course,got here though Sagar Bansal sir and thanks a lot Mandeep Sir for making it free of cost(my parents are paranoid about hacking and if i ask them to make a transaction then it is obvious that they will get to know and all my gadgets will be confiscated )....you have changed my life