Offline
Tactical Web Exploitation for Penetration Testers
Created by Mohammad Sa'ed, Khalil Karoui | Published 3/2021
Duration: 10h 58m | 10 sections | 80 lectures | Video: 1280x720, 44 KHz |
Genre: eLearning | Language: English + Sub
Learn Black-Box Web Application Penetration Testing and Website Hacking from Black Hat Perspective
What you'll learn
Learn ethical Hacking and penetration testing skills
Ability to perform manual exploitation of web applications
Ability to perform multi-staged chained attacks
Ability to perform post-exploitation techniques
Ability to perform advanced local file inclusion attacks (LFI)
Ability to perform directory traversal attacks (Path Traversal)
Ability to perform cross site request forgery attacks
Ability to exploit time-based blind SQL injection (SQLi)
Ability to leverage second order cross-site scripting (XSS)
Ability to exploit and weaponizing cross-site scripting vulnerability
Learn Advanced use of BurpSuite, and Much More
Show more
Show less
Requirements
Good Knowledge of the Linux System.Good Understanding of Web Penetration Testing Techniques and Methodologies.
Description
Welcome to Tactical Web Exploitation for Penetration Testers online course (TWXS01). This is an aggressive, intensive and highly advanced web application security-training course, focusing on exploiting the toughest web application vulnerabilities. It aims to teach you the skills and techniques needed to conduct a black box web application penetration tests.
\n
This training course will introduce you to the very core of the web application exploitation process. You'll learn the different phases involved in the black box security testing methodology by testing the applications from the outside in, with little or no prior knowledge of the application's internal workings, using the same methods and techniques conducted by Black Hats.
\n
TWXS01 is a comprehensive 11-hour online course that will teach you all about web attacks and exploitation. You will practice the art of manually exploiting web applications. You will learn about the attacker's tools, methods and skills needed to conduct a black box web application penetration tests through detailed, 100% hands-on exercises and with guidance from the instructors.
\n
By the end of this course, you will be able to take your skills to the next level, being able to perform advanced web application attacks, chain attacks using multiple vulnerabilities, using creative and innovative ways of exploiting web vulnerabilities, replicate the discovered vulnerabilities, which will help you sharpen your skills to meet the challenges in this constantly updating industry.
\n
This 11 hour course, is divided into nine essential sections as shown in the course syllabus. It features many topics, including:
Burpsuite essentials: a minimized course with 10 sections which allow you to acquire a decent familiarity and knowledge about the key features and the most used tools in Burp to perform various crucial tasks.
WordPress CSRF To Remote Code Execution: It teaches you how to exploit WordPress core vulnerabilities by chaining them into complex attacks where you will end up with a remote code execution. You will also learn how to bypass implemented security mechanisms with tact and class.
WordPress Improper Control to Code Injection: You will learn the latest advanced exploitation techniques to get a foothold on your WordPress target by varying different methods, including: targeting WordPress core vulnerabilities, to time-based blind SQL injection attacks.
Gitlab Mutli-Vulnerabilities to Remote Code Execution: This module is a piece of art with 16 sections dedicated for Gitlab exploitation by targeting multiple vulnerabilities, this module will dive deep into the penetration testing process from target scanning to remote command execution.
