Learn main aspects of ethical web hacking, penetration testing and prevent vulnerabilities with this course
What Will I Learn?

    Set up a virtual environment to practice without affecting main systems

    Install Kali Linux – a penetration testing Debian distro

    Install virtual system which has vulnerable web applications
    Basic terms, standards, services, protocols and technologies
    HTTP protocol, requests and responses
    HTTPS, TLS/SSL
    Intercepting HTTP traffic using a personal proxy
    Gather sensitive information in websites
    Find known vulnerabilities using vulnerability database
    Find known vulnerabilities using search engines
    Google Hack Database (GHDB)
    Discover unpublished directories and files associated with a target website
    Input and output manipulation
    Input and output validation approaches
    Discover and exploit reflected XSS vulnerabilities
    Discover and exploit stored XSS vulnerabilities
    Discover DOM-based XSS vulnerabilities
    Prevent XSS vulnerabilities
    Discover and exploit SQL injection vulnerabilities, and prevent them
    Bypass login mechanisms using SQL injections and login a website without password
    Find more in a database using SQL injection vulnerabilities: databases, tables and sensitive data such as passwords
    Discover & exploit blind SQL injections
    Prevent SQL injections
    Authentication methods and strategies
    Bypass authentication mechanisms
    Find unknown usernames and passwords: brute force & dictionary attacks
    Launch a dictionary attack
    Access unauthorized processes
    Escalate privileges
    Access sensitive data using path traversal attack
    Session management mechanism
    Impersonating victim by session fixation attack
    Discover and exploit CSRF (Cross Site Request Forgery)

Requirements

    You should be familiar with web sites and general technology
    You should have basic computer experience and knowledge