Web Application Hacking 101

What you'll learn
The Students will be able test/identify security vulnerabilities in their application and take appropriate decisions to safeguard their applications
Requirements
The Students need to have basic knowledge of web applications.
Description
This is an excellent course on learning the art of Web Application Hacking a.k.a Web Application Penetration testing (WAPT). It focuses on preparing the students /developers /auditors to face the real world of Web Application Penetration testing while helping them safeguard their company's applications, data and reputation.
This Course starts from teaching you the basics of any attack and then substantiating it with pure technical skills. It is designed to cover all the latest attacks of Web Application like Web Attacks, Web Services, Flash Attacks, Injection attacks and many more at an affordable price for all the ethical hacking enthusiasts.
Top 10 Reasons to buy this course than any other Web Hacking course on Udemy
Follows a multi-step approach to provide in-depth knowledge on the attacks
Introduces a security issue(Vulnerability)We then deep dive in to the issue to get a better understanding This is followed a practical demonstration Finally we look at how we can secure the application against these vulnerabilities
New modules are added every monthCovers traditional attacks like Cross Site Scripting and SQL InjectionCovers LDAP Injection (not covered by other web hacking courses on Udemy)Covers Flash Based attacks (not covered by other web hacking courses on Udemy)Covers XML Injection, XSLT Injection and XPath injections (not covered by other web hacking courses on Udemy) Covers Web Services Attacks (not covered by other web hacking courses on Udemy) This course helps you prepare for the real worldMultiple quizzes added to test your understanding at various phases during the courseHelps in setting up Sample vulnerable test beds so that the students can get their hands dirty to learn these attacks
Be Safe Keep Safe!!
--> New modules added
10th October - LDAP Attacks
17th October - Introduction to File Upload Attacks.
30th October - File Upload attacks / Exploitation / Mitigation videos
3rd December - Published - Introduction to CAPTCHAs (Free Preview)
Modules on Attacking/Bypassing CAPTCHAS and Bruteforce Attack to be added shortly (Stay tuned)
Overview
Section 1: Introduction
Lecture 1 Introduction to Web Application Penetration Testing
Lecture 2 Web Application Information Gathering
Lecture 3 Basics of HTTP Request / Response
Lecture 4 Introduction to BURP Suite Proxy Tool
Section 2: Setting up Sample Test Application
Lecture 5 DVWA Application Installation Guide
Lecture 6 Installation of Mutillidae II application
Section 3: Introduction to Web Application Session Management
Lecture 7 Web Application Cookies
Lecture 8 Web Session Management attacks
Section 4: Cross Site Scripting Attacks
Lecture 9 Basics of Cross Site Scripting Attacks
Lecture 10 Reflected Cross Site Scripting
Lecture 11 Stored Cross Site Scripting
Lecture 12 Mitigating Cross Site Scripting Attacks
Lecture 13 DOM Based Cross Site Scripting Attack
Section 5: Clickjacking Attacks
Lecture 14 Introduction to Clickjacking Attacks
Lecture 15 Testing for Clickjacking Attacks
Section 6: Flash Based Attacks
Lecture 16 Introduction to Flash Applications
Lecture 17 Setting up a Vulnerable Flash application
Lecture 18 De-compiling Flash Applications
Lecture 19 Cross Site Scripting in Flash Applications
Lecture 20 Cross Site Flashing in Flash Applications
Lecture 21 HTML Injection in Flash Applications
Lecture 22 Phishing Attacks through Flash Applications
Lecture 23 Impact Analysis & Mitigating Flash Attacks
Section 7: XPath Injection Attacks
Lecture 24 XPATH Basics
Lecture 25 XPATH Injection
Section 8: XSLT Injection
Lecture 26 XSLT Basics
Lecture 27 XSLT Injection
Section 9: XML Attacks
Lecture 28 XML Basics
Lecture 29 XML CDATA Injection
Lecture 30 XML External Entity Injection
Lecture 31 XML Entity Expansion Attack
Section 10: Web Service Attacks
Lecture 32 Web Service Basics
Lecture 33 Web Services Attacks
Lecture 34 Web Service Clients Tutorial
Lecture 35 Web Services - SQL Injection
Lecture 36 Web Services - Command Injection
Lecture 37 Web Service - SOAP Array DOS Attack
Lecture 38 Web Service - SOAPAction Header Manipulation Attack
Section 11: SQL Injection Attacks
Lecture 39 SQL - Basic Concepts
Lecture 40 SQL Injection - Introduction
Lecture 41 SQL Injection - Union Based Exploitation
Lecture 42 SQL Injection Boolean Based Exploitation
Lecture 43 SQL Injection Time Based Exploitation
Lecture 44 SQL Injection Mitigation
Section 12: Cross Site Request Forgery (CSRF) Attacks
Lecture 45 Introduction to CSRF Attacks
Lecture 46 Testing for CSRF Attacks
Section 13: LDAP Injection Attacks
Lecture 47 Basics of LDAP
Lecture 48 Exploiting LDAP Injection
Section 14: File Upload Attacks
Lecture 49 Introduction to File Upload Attacks
Lecture 50 File Upload Attacks using Web Shells
Lecture 51 File Upload Attacks - Malicious Virus upload
Lecture 52 File Upload Attacks - Path Manipulation
Lecture 53 Mitigating File Upload Attacks
Lecture 54 Mitigating File Upload Attacks
Section 15: Bonus Modules!!!!!
Lecture 55 Keyloggers and Virtual Keyboards
Lecture 56 File Inclusion Attacks
Lecture 57 OS Command Injection
Section 16: Attacking and securing CAPTCHs
Lecture 58 Introduction to CAPTCHAs
Lecture 59 Bypassing CAPTCHAs
This course is for Students looking to build a successful career in Ethical Hacking.,This course is for developers looking to safeguard their applications.,This is also for the security auditors who have to audit the application from security perspective


Homepage

https://www.udemy.com/course/web-app-hacking/