HomePentester Academy - Web Application Security Bootcamp Course
Pentester Academy - Web Application Security Bootcamp Course
₹0
Product Description
Pentester Academy - Web Application Security Bootcamp Course
✅Buy one Free get one offer
✅Beginner to Expert
✅Easy To Understand
✅Easy To Download and Copy to Paste
✅Mega.nz/folder Based
✅Language:- English
✅Total Size:- 2.2GB
✅Original Total Price Rs 19,754
✅Direct Selling No GST Cantact Me
Contact Us:
Any Doubt Any Help Contact me DM
My Instagram ID:- mysterystore_l.k
My Telegram ID:- https://t.me/mysterystore35
My Gmail ID:- jockermj4@gmail.com
Preview Video
Module I: Modern Web Applications and Protocol Basics
Learn the building blocks of web applications and how everything works behind the scenes including HTTP Methods, web design patterns, client and server-side components. Understand modern deployment architectures such as single-page applications, microservices and serverless architecture.
Client-side Languages and Concepts
Server-side Concepts
Web Servers
Web Communication - HTTP verbs
HTTP request methods
HTTP response codes
HTTP headers and security
HTTP access control
HTTP authentication
HTTP cookies
HTTPS vs HTTP
Data Storage - Database Servers
SQL
NoSQL
Web Application Architecture
Monolithic architecture
Single page applications
Microservices
Serverless architecture
Module II: Reconnaissance Basics
Learn how to perform reconnaissance on a network, identify live hosts, and fingerprint the services running on machines.
Domain Reconnaissance
Whois lookup
DNS reconnaissance
Network Scanning and Live Host Identification
Open Ports and Running Services
Identifying Architectures, Operating Systems and Frameworks
Spidering/Crawling Websites
Performing Directory Enumeration
Discovering Protected Resources
Module III: Tools of the Trade
Learn how to use popular open source tools for reconnaissance, observing, mangling data, and automation of attacks.
Enumerating Common/Framework-specific Directories
DIRB
DirBuster
Burp Suite
OpenDoor
Crawling Web Pages
ZAP
HTTrack
Burp Suite
Identifying Web Application Vulnerabilities with Scanners
Nikto
OpenVAS
Wapiti
Vega
OWASP OWTF
XSS Scanner
XSSer
Attacking Database Servers
sqlmap
jSQL
BBQSQL
Module IV: OWASP Top 10
Familiarize yourself with the OWASP Top 10 which are the most common vulnerabilities attackers are exploiting today. Learn everything with practical hands-on labs using both manual methods and tool based automation where applicable.
A1 Injection Attacks
SQL Injection
NOSQL Injection
OS Command Injection
Code Injection
A2 Broken Authentication
Weak Credentials
Default Credentials
SQL Injection
Cookie Manipulation
Parameter Tampering
A3 Sensitive Data Exposure
Plain Text Transmission (HTTP/FTP/SMTP)
Presence of .git Directory
Presence of Debugging Utilities
Installation Files/README
Backup Directory/Log Directories
Lack of Custom Error Pages
A4 XML External Entity
Classic XXE
Error Based XXE
Blind XXE
A5 Broken Access Control
Path Traversal
Remote File Inclusion
Insecure Direct Object Reference
Client-Side Checks
Missing/Improper Functional Level Access Control
Missing HTTP Method-specific Access Control on Resources
CORS Misconfiguration
A6 Security Misconfigurations
Management Applications with Weak/Default Credentials
Directory Listing Enabled
Disabled Security Features
Poor Error Handling
A7 Cross-Site Scripting
Reflected Cross-Site Scripting
Stored Cross-Site Scripting
DOM Based Cross-Site Scripting
A8 Insecure Deserialization
Remote Code Execution
Denial of Service
A9 Using Components with Known Vulnerabilities
A10 Insufficient Logging & Monitoring
Module V: Real World Attacks
Perform case study on popular real-world attacks, understand the root cause of the vulnerability, and how the attackers exploited it.