| Unit 01: Introduction | |||
| About The Course | 00:03:00 | ||
| Unit 02: BE PREPARED | |||
| Web Attack Simulation Lab | 00:12:00 | ||
| Unit 03: WEB APPLICATION TECHNOLOGIES | |||
| Web application technologies 101 – PDF | 01:34:00 | ||
| HTTP Protocol Basics | 00:11:00 | ||
| Encoding Schemes | 00:13:00 | ||
| Same Origin Policy – SOP | 00:06:00 | ||
| HTTP Cookies | 00:11:00 | ||
| Cross-origin resource sharing | 00:05:00 | ||
| Web application proxy – Burp Suite | 00:09:00 | ||
| Unit 04: INFORMATION GATHERING - MAPPING THE APPLICATIONS | |||
| Fingerprinting web server | 00:05:00 | ||
| DNS Analysis – Enumerating subdomains | 00:04:00 | ||
| Metasploit for web application attacks | 00:12:00 | ||
| Web technologies analysis in real time | 00:03:00 | ||
| Outdated web application to server takeover | 00:08:00 | ||
| BruteForcing Web applications | 00:06:00 | ||
| Shodan HQ | 00:07:00 | ||
| Harvesting the data | 00:05:00 | ||
| Finding link of target with Maltego CE | 00:09:00 | ||
| Unit 05: CROSS-SITE SCRIPTING ATTACKS – XSS | |||
| Cross Site Scripting – XSS – PDF | 01:08:00 | ||
| Cross site scripting | 00:07:00 | ||
| Reflected XSS | 00:14:00 | ||
| Persistent XSS | 00:11:00 | ||
| DOM-based XSS | 00:10:00 | ||
| Website defacement through XSS | 00:09:00 | ||
| XML Documents & database | 00:14:00 | ||
| Generating XSS attack payloads | 00:13:00 | ||
| XSS in PHP, ASP & JS Code review | 00:13:00 | ||
| Cookie stealing through XSS | 00:12:00 | ||
| Advanced XSS phishing attacks | 00:08:00 | ||
| Advanced XSS with BeEF attacks | 00:10:00 | ||
| Advanced XSS attacks with Burp Suite | 00:08:00 | ||
| Code Review Guide | 06:20:00 | ||
| Unit 06: SQL INJECTION ATTACKS – EXPLOITATIONS | |||
| SQL Injection attacks – PDF | 01:30:00 | ||
| Introduction to SQL Injection | 00:16:00 | ||
| Dangers of SQL Injection | 00:05:00 | ||
| Hunting for SQL Injection vulnerabilities | 00:20:00 | ||
| In-band SQL Injection attacks | 00:27:00 | ||
| Blind SQL Injection attack in-action | 00:10:00 | ||
| Exploiting SQL injection – SQLMap | 00:09:00 | ||
| Fuzzing for SQL Injection – Burp Intruder | 00:14:00 | ||
| Unit 07: CROSS SITE REQUEST FORGERY – XSRF | |||
| CSRF or XSRF attack methods | 00:12:00 | ||
| Anti-CSRF Token methods | 00:15:00 | ||
| Anti-CSRF token stealing – NOT easy | 00:11:00 | ||
| Unit 08: AUTHENTICATION & AUTHORIZATION ATTACKS | |||
| Authentication bypass – Hydra | 00:11:00 | ||
| HTTP Verb Tampering | 00:09:00 | ||
| HTTP parameter pollution – HPP | 00:06:00 | ||
| Authentication | 00:10:00 | ||
| Unit 09: CLIENT SIDE SECURITY TESTING | |||
| Client side control bypass | 00:10:00 | ||
| Unit 10: FILE RELATED VULNERABILITIES | |||
| LFI & RFI attacks | 00:13:00 | ||
| Unrestricted file upload – content type | 00:06:00 | ||
| Unrestricted File Upload – Extension Type | 00:06:00 | ||
| Remote code execution using Shell Uploads | 00:09:00 | ||
| Unit 11: XML EXTERNAL ENTITY ATTACKS – XXE | |||
| XML Documents & database | 00:14:00 | ||
| XXE attacks in action | 00:14:00 | ||
| Resources | |||
| Advanced intruder attack types | 00:23:00 | ||
| Finding details with open source | 00:17:00 | ||
| Assignment | |||
| Assignment – Web Application Penetration Testing Course | 00:00:00 | ||