This course covers the cyber security discipline of web application pentesting. It is a hands-on course that will require you to set up your own pentesting environment.
You should be familiar with virtualized environments such as VMware or VirtualBox and understand how to configure a browser’s proxy settings.
Web-Application Ethical Hacking
HTTP and HTTPS basics
Examine packet structure and how packets can be manipulated by attackers
Why sites get hacked – sites get hacked for a number of reasons. The main ones are that websites provide a large attack surface and that the technologies that run on them are subject to common vulnerabilities such as SQLI, XSS, LFI, and RFI.
Hacker methodology – the steps followed by an attacker which consist of footprinting, scanning, enumeration, gaining access, maintaining access, and covering one’s tracks.
A host of essential tools will be presented throughout the course, covering both manual and automated approaches
Attack vectors included:
SQLI – structured query language injection is a common exploit that takes advantage of improperly-filtered user input.
XSS – cross site scripting takes advantage of a client-side vulnerability that allows an attacker to inject code that can execute malicious scripts.
LFI and RFI – local file inclusion and remote file inclusion, respectively, are attacks where malicious files are installed on a vulnerable server.
A bunch of Hacking Tools are included
Mobile-App Ethical Hacking
SmartPhone Penetration Framework Intro
AppUse Intro
Zante Intro
Reporting
Reporting best practices – this is what sets straight-up hackers apart from the professionals.