Web App Penetration Testing

Become a bug bounty hunter! Learn to hack websites, fix vulnerabilities, and improve web security online for clients.


This course is for absolute beginners through expert levels, and for freshers out of college who want to start a career in web security.


It covers a variety of applications with known web security vulnerabilities and web app penetration testing.


  1. Setting up a web app pentesting lab

  2. Burp Suite

  3. Testing for account enumeration and guessable accounts

  4. Weak lock-out mechanisms

  5. Testing for bypassing authentication schemes

  6. Browser cache weaknesses

  7. Testing the account provisioning process via REST API

  8. Testing for directory traversal

  9. Local File Include (LFI)

  10. Remote File Include (RFI)

  11. Testing for privilege escalation

  12. IDOR

  13. Testing session token strength using Sequencer

  14. Testing for cookie attributes

  15. Testing for session fixation

  16. Exposed session variables

  17. Cross-Site Request Forgery

  18. Testing business logic data validation

  19. Unrestricted file upload – bypassing weak validation

  20. Performing process-timing attacks

  21. Testing for the circumvention of workflows

  22. Uploading malicious files – polyglots

  23. Reflected cross-site scripting

  24. Stored cross-site scripting

  25. Testing for HTTP verb tampering

  26. HTTP Parameter Pollution

  27. Testing for SQL injection

  28. Command injection


Web App Penetration Testing - Home LAB.


1 - How To Setup A Virtual Penetration Testing Lab

2 - Listening for HTTP traffic, using Burp

3 - Getting to Know the Burp Suite of Tools, Know the Burp Suite

4 - Assessing Authentication Schemes

5 - Assessing Authorization Checks

6 - Assessing Session Management Mechanisms

7 - Assessing Business Logic

8 - Evaluating Input Validation Checks


The points mentioned above are covered in this course, which will help you with finding web security vulnerabilities and with web app penetration testing.