Cyber security discipline of web application pentesting. Hands-on course that will require you to set up your own pentesting environment.
You should have familiarity with virtualized environments such as VMWare or VirtualBox and also understand how to configure a browser’s proxy settings.
Web-Application Ethical Hacking
Mobile-App Ethical Hacking
Reporting
You should have familiarity with virtualized environments such as VMWare or VirtualBox and also understand how to configure a browser’s proxy settings.
Web-Application Ethical Hacking
- HTTP and HTTPS basics
- Examine packet structure and how packets can be manipulated by attackers
- Why sites get hacked – sites get hack for a number of reasons... The main ones are because websites provide a large attack surface and the technologies that run on them are subject to common vulnerabilities such as SQLI, XSS, LFI, and RFI.
- Hacker methodology – the steps followed by an attacker which consist of footprinting, scanning, enumeration, gaining access, maintaining access, and covering one’s tracks.
- A host of essential tools will be presented throughout the course - Manual and automated approaches
- Attack vectors included:
- SQLI – structured query language injection is a common exploit that takes advantage of improperly-filtered user input.
- XSS – cross site scripting takes advantage of a client-side vulnerability that allows an attacker to inject code that can execute malicious scripts.
- LFI and RFI – local file inclusion and remote file inclusion respectively, are attacks where malicious files are installed on a vulnerable server.
- A bunch of Hacking Tools are included
Mobile-App Ethical Hacking
- SmartPhone Penetration Framework Intro
- AppUse Intro
- Zante Intro
Reporting
- Reporting best practices – this is what sets straight-up hackers apart from the professionals.
