Web App Penetration Testing - A to Z

Web App Penetration Testing – A to Z

Description

This course is for Absolute Beginners to Expert levels and  Freshers out of College who want to start career with Web Security.

Web App Penetration Testing – Home LAB.

1 – How To Setup A Virtual Penetration Testing Lab 

2 – Listening for HTTP traffic, using Burp

3 – Getting to Know the Burp Suite of Tools, Know the Burp Suite

4 – Assessing Authentication Schemes

5 – Assessing Authorization Checks

6 – Assessing Session Management Mechanisms

7 – Assessing Business Logic

This course is for Absolute Beginners to Expert levels. A variety of applications with known Web Security vulnerabilities and Web App Penetration Testing.

Testing for browser cache weaknesses – Assessing Authentication Schemes

Testing for account enumeration and guessable accounts -Assessing Authentication Schemes.

Testing for weak lock-out mechanisms -Assessing Authentication Schemes

Account provisioning process via REST API – Assessing Authentication Schemes

Testing for directory traversal – Directory traversal

Assessing Authorization Checks – Local File Include

Assessing Authorization Checks – Remote File Inclusion

Assessing Authorization Checks – Privilege escalation

Assessing Authorization Checks – Insecure Direct Object Reference

Testing session token strength using Sequencer – Assessing Session Management Mechanisms

Testing for cookie attributes – Assessing Session Management Mechanisms

Testing for exposed session variables – Assessing Session Management Mechanisms

Testing for Cross-Site Request Forgery – Assessing Session Management Mechanisms

Above mentioned points will cover in this course which is help you to find Web Security  Vulnerabilities and Web App Penetration testing.

Leave a Reply