Web Application Penetration Testing Course

Course Introduction

This course covers web application vulnerabilities in a practical fashion using practical labs designed for demonstrations. The course contains a theoretical part to explain the concepts and a practical part for demonstration. Course theoretical part is packed into a downloadable PDF file as well.

Course Audience

Anyone interested in learning web application penetration testing

Junior Penetration Testers

Learning Objectives

  • Understand Web application penetration testing methodology
  • Understand the concepts of web application vulnerabilities
  • Be able to conduct manual testing of web application vulnerabilities

Course Content

1- Injection vulnerabilities including but not limited to

* Command Injection

* SQL Injection: this includes error-based, blind time-based, authentication bypass and blind boolean-based

* SQLmap

2- Broken Access Control

3- Broken Authentication

4- JSON Web Tokens

5- Sensitive Data Exposure

6- SSRF aka server side request forgery

7- SSTI aka server side template injection

8- XSS aka Cross Site Scripting

9- XXE aka XML External Entity Injection

10 CSRF aka Cross Site Request Forgery

How To Join