最新消息:请大家多多支持

Web App Penetration Testing

教程/Tutorials dsgsd 232浏览 0评论

MP4 | Video: h264, 1280×720 | Audio: AAC, 44.1 KHz
Language: English | Size: 1.60 GB | Duration: 3h 25m

What you’ll learn
Setting up a web app pentesting lab
Burp Suite
Account enumeration and guessable accounts
weak lock-out mechanisms
Bypassing authentication schemes
Browser cache weaknesses
Account provisioning process via REST API
Directory traversal – LFI, RFI
Privilege escalation & IDOR
Session token strength using Sequencer
Cookie attributes
Session fixation
Exposed session variables & CSRF
Business logic data validation
Unrestricted file upload – bypassing weak validation
Performing process-timing attacks
Testing for the circumvention of workflows
Uploading malicious files – polyglots
Reflected cross-site scripting & Stored cross-site scripting
HTTP verb tampering & HTTP Parameter Pollution
SQL injection
Command injection
Requirements
Basic Networking
Basic Web Fundamentals
Description
This course is for Absolute Beginners to Expert levels and Freshers out of College who want to start career with Web Security.

This course is for Absolute Beginners to Expert levels. A variety of applications with known Web Security vulnerabilities and Web App Penetration Testing.

Setting up a web app pentesting lab

Burp Suite

Testing for account enumeration and guessable accounts

Weak lock-out mechanisms

Testing for bypassing authentication schemes

Browser cache weaknesses

Testing the account provisioning process via REST API

Testing for directory traversal

Local File Include (LFI)

Remote File Include (RFI)

Testing for privilege escalation

IDOR

Testing session token strength using Sequencer

Testing for cookie attributes

Testing for session fixation

Exposed session variables

Cross-Site Request Forgery

Testing business logic data validation

Unrestricted file upload – bypassing weak validation

Performing process-timing attacks

Testing for the circumvention of workflows

Uploading malicious files – polyglots

Reflected cross-site scripting

Stored cross-site scripting

Testing for HTTP verb tampering

HTTP Parameter Pollution

Testing for SQL injection

Command injection

Web App Penetration Testing – Home LAB.

1 – How To Setup A Virtual Penetration Testing Lab

2 – Listening for HTTP traffic, using Burp

3 – Getting to Know the Burp Suite of Tools, Know the Burp Suite

4 – Assessing Authentication Schemes

5 – Assessing Authorization Checks

6 – Assessing Session Management Mechanisms

7 – Assessing Business Logic

8 – Evaluating Input Validation Checks

Above mentioned points will cover in this course which is help you to find Web Security Vulnerabilities and Web App Penetration testing

Who this course is for:
Penetration Testing
Web App Penetration Testing
Web Securtiy
Ethical Hacking
Bug Hunter
Bug Bounty
Web Pentesting Lab


Password/解压密码www.tbtos.com

Download rapidgator
https://rapidgator.net/file/5bef4cbf22615ee77f434e49924de6d5/0908_17.z01.html
https://rapidgator.net/file/c76cecb4e9031e89e3467a59a612de09/0908_17.zip.html

Download nitroflare
https://nitro.download/view/E500B6BB8EAB428/0908_17.z01
https://nitro.download/view/B46D868768B3854/0908_17.zip

资源下载此资源仅限VIP下载,请先

转载请注明:0daytown » Web App Penetration Testing

您必须 登录 才能发表评论!