Web App Penetration Testing & Bug Bounty Hunting

0 ratings

This course is for Absolute Beginners to Expert levels and Freshers out of College who want to start career with Web Security.

This course is for Absolute Beginners to Expert levels. A variety of applications with known Web Security vulnerabilities and Web App Penetration Testing.

  1. Setting up a web app pentesting lab
  2. Burp Suite
  3. Testing for account enumeration and guessable accounts
  4. Weak lock-out mechanisms
  5. Testing for bypassing authentication schemes
  6. Browser cache weaknesses
  7. Testing the account provisioning process via REST API
  8. Testing for directory traversal
  9. Local File Include (LFI)
  10. Remote File Include (RFI)
  11. Testing for privilege escalation
  12. IDOR
  13. Testing session token strength using Sequencer
  14. Testing for cookie attributes
  15. Testing for session fixation
  16. Exposed session variables
  17. Cross-Site Request Forgery
  18. Testing business logic data validation
  19. Unrestricted file upload – bypassing weak validation
  20. Performing process-timing attacks
  21. Testing for the circumvention of workflows
  22. Uploading malicious files – polyglots
  23. Reflected cross-site scripting
  24. Stored cross-site scripting
  25. Testing for HTTP verb tampering
  26. HTTP Parameter Pollution
  27. Testing for SQL injection
  28. Command injection

Web App Penetration Testing - Home LAB.

1 - How To Setup A Virtual Penetration Testing Lab

2 - Listening for HTTP traffic, using Burp

3 - Getting to Know the Burp Suite of Tools, Know the Burp Suite

4 - Assessing Authentication Schemes

5 - Assessing Authorization Checks

6 - Assessing Session Management Mechanisms

7 - Assessing Business Logic

8 - Evaluating Input Validation Checks

Above mentioned points will cover in this course which is help you to find Web Security Vulnerabilities and Web App Penetration testing

I want this!
Copy product URL

Web App Penetration Testing & Bug Bounty Hunting

0 ratings
I want this!