Hacking Web Applications and Penetration Testing: Fast Start
Learn the main aspects of ethical web hacking and penetration testing, and how to prevent vulnerabilities, with this course
What you will learn:
- Set up a virtual environment to practice without affecting main systems
- Install Kali Linux - a penetration testing Debian distro
- Install a virtual system that hosts vulnerable web applications
- Basic terms, standards, services, protocols and technologies
- HTTP protocol, requests and responses
- HTTPS, TLS/SSL
- Intercepting HTTP traffic using a personal proxy
- Gather sensitive information from websites
- Find known vulnerabilities using a vulnerability database
- Find known vulnerabilities using search engines
- Google Hacking Database (GHDB)
- Discover unpublished directories and files associated with a target website
- Input and output manipulation
- Input and output validation approaches
- Discover and exploit reflected XSS vulnerabilities
- Discover and exploit stored XSS vulnerabilities
- Discover DOM-based XSS vulnerabilities
- Prevent XSS vulnerabilities
- Discover and exploit SQL injection vulnerabilities, and prevent them
- Bypass login mechanisms using SQL injections and log in to a website without a password
- Find more in a database using SQL injection vulnerabilities: databases, tables and sensitive data such as passwords
- Discover & exploit blind SQL injections
- Prevent SQL injections
- Authentication methods and strategies
- Bypass authentication mechanisms
- Find unknown usernames and passwords: brute force & dictionary attacks
- Launch a dictionary attack
- Access unauthorized processes
- Escalate privileges
- Access sensitive data using a path traversal attack
- Session management mechanisms
- Impersonate a victim using a session fixation attack
- Discover and exploit CSRF (Cross Site Request Forgery)
Requirements:
- You should be familiar with websites and general technology
- You should have basic computer experience and knowledge
