Udemy - Web App Penetration Testing

CategoryOther
TypeTutorials
LanguageEnglish
Total size1.6 GB
Uploaded Byfreecoursewb

Downloads135
Last checkedSep. 16th '21
Date uploadedSep. 13th '21
Seeders 15
Leechers12

Infohash : 3D8A318301B49E9EC40C0AD1746F541F726C657B

Web App Penetration Testing

MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz
Language: English | Size: 1.60 GB | Duration: 3h 25m
What you'll learn
Setting up a web app pentesting lab
Burp Suite
Account enumeration and guessable accounts
weak lock-out mechanisms
Bypassing authentication schemes
Browser cache weaknesses
Account provisioning process via REST API
Directory traversal - LFI, RFI
Privilege escalation & IDOR
Session token strength using Sequencer
Cookie attributes
Session fixation
Exposed session variables & CSRF
Business logic data validation
Unrestricted file upload – bypassing weak validation
Performing process-timing attacks
Testing for the circumvention of workflows
Uploading malicious files – polyglots
Reflected cross-site scripting & Stored cross-site scripting
HTTP verb tampering & HTTP Parameter Pollution
SQL injection
Command injection
Requirements
Basic Networking
Basic Web Fundamentals
Description
This course is for Absolute Beginners to Expert levels and Freshers out of College who want to start career with Web Security.

This course is for Absolute Beginners to Expert levels. A variety of applications with known Web Security vulnerabilities and Web App Penetration Testing.

Setting up a web app pentesting lab

Burp Suite

                            Files: 
                            [ FreeCourseWeb.com ] Udemy - Web App Penetration Testing

Get Bonus Downloads Here.url (0.2 KB)
~Get Your Files Here !1. Introduction
Introduction.html (1.8 KB)
How To Setup A Virtual Penetration Testing Lab
How To Setup A Virtual Penetration Testing Lab-en_US.srt (5.3 KB)

How To Setup A Virtual Penetration Testing Lab.mp4 (58.4 MB)
Burp Suite
Listening for HTTP traffic, using Burp-en_US.srt (5.1 KB)

Listening for HTTP traffic, using Burp.mp4 (34.6 MB)

Getting to Know the Burp Suite of Tools Know the Burp Suite-en_US.srt (12.5 KB)

Getting to Know the Burp Suite of Tools Know the Burp Suite.mp4 (110.6 MB)
Assessing Authentication Schemes
Testing for account enumeration and guessable accounts-en_US.srt (3.7 KB)

Testing for account enumeration and guessable accounts.mp4 (36.9 MB)

Testing for weak lock-out mechanisms-en_US.srt (3.8 KB)

Testing for weak lock-out mechanisms.mp4 (24.0 MB)

Testing for bypassing authentication schemes-en_US.srt (6.0 KB)

Testing for bypassing authentication schemes.mp4 (63.8 MB)

Testing for browser cache weaknesses-en_US.srt (3.9 KB)

Testing for browser cache weaknesses.mp4 (38.6 MB)

Testing the account provisioning process via REST API-en_US.srt (8.9 KB)

Testing the account provisioning process via REST API.mp4 (73.6 MB)
Assessing Authorization Checks
Testing for directory traversal-en_US.srt (5.0 KB)

Testing for directory traversal.mp4 (50.2 MB)

Testing for Local File Include (LFI)-en_US.srt (4.0 KB)

Testing for Local File Include (LFI).mp4 (51.1 MB)

Testing for Remote File Include (RFI)-en_US.srt (4.3 KB)

Testing for Remote File Include (RFI).mp4 (44.4 MB)

Testing for privilege escalation-en_US.srt (5.2 KB)

Testing for privilege escalation.mp4 (62.4 MB)

Testing for insecure direct object reference-en_US.srt (5.4 KB)

Testing for insecure direct object reference.mp4 (52.8 MB)
Assessing Session Management Mechanisms
Testing session token strength using Sequencer-en_US.srt (6.0 KB)

Testing session token strength using Sequencer.mp4 (46.1 MB)

Testing for cookie attributes-en_US.srt (4.8 KB)

Testing for cookie attributes.mp4 (46.5 MB)

Testing for session fixation-en_US.srt (5.6 KB)

Testing for session fixation.mp4 (59.9 MB)

Testing for exposed session variables-en_US.srt (4.7 KB)

Testing for exposed session variables.mp4 (46.7 MB)

Testing for Cross-Site Request Forgery-en_US.srt (12.3 KB)

Testing for Cross-Site Request Forgery.mp4 (140.4 MB)
Assessing Business Logic
Testing business logic data validation-en_US.srt (5.4 KB)

Testing business logic data validation.mp4 (48.3 MB)

Unrestricted file upload – bypassing weak validation-en_US.srt (5.7 KB)

Unrestricted file upload – bypassing weak validation.mp4 (56.3 MB)

Performing process-timing attacks-en_US.srt (5.6 KB)

Performing process-timing attacks.mp4 (59.6 MB)

Testing for the circumvention of workflows-en_US.srt (10.1 KB)

Testing for the circumvention of workflows.mp4 (110.1 MB)

Uploading malicious files – polyglots-en_US.srt (6.2 KB)

Uploading malicious files – polyglots.mp4 (50.8 MB)
Evaluating Input Validation Checks
Testing for reflected cross-site scripting Testing for stored cross-site script-en_US.srt (6.4 KB)

Testing for reflected cross-site scripting Testing for stored cross-site script.mp4 (68.9 MB)

Testing for stored cross-site scripting-en_US.srt (3.2 KB)

Testing for stored cross-site scripting.mp4 (26.5 MB)

Testing for HTTP verb tampering-en_US.srt (3.2 KB)

Testing for HTTP verb tampering.mp4 (27.1 MB)

Testing for HTTP Parameter Pollution-en_US.srt (4.7 KB)

Testing for HTTP Parameter Pollution.mp4 (43.2 MB)

Testing for SQL injection-en_US.srt (4.2 KB)

Testing for SQL injection.mp4 (41.5 MB)

Testing for command injection-en_US.srt (6.4 KB)

Testing for command injection.mp4 (69.5 MB)

Bonus Resources.txt (0.3 KB)

Code:

udp://tracker.torrent.eu.org:451/announce
udp://tracker.tiny-vps.com:6969/announce
http://tracker.foreverpirates.co:80/announce
udp://tracker.cyberia.is:6969/announce
udp://exodus.desync.com:6969/announce
udp://explodie.org:6969/announce
udp://tracker.opentrackr.org:1337/announce
udp://9.rarbg.to:2780/announce
udp://tracker.internetwarriors.net:1337/announce
udp://ipv4.tracker.harry.lu:80/announce
udp://open.stealth.si:80/announce
udp://9.rarbg.to:2900/announce
udp://9.rarbg.me:2720/announce
udp://opentor.org:2710/announce