Web Application Hacking and Penetration Testing v3.1

About this Course:

Course overview:

WAPTP v3.1 is highly practical and hands-on training for Web application penetration testing that covers the OWASP top 10 vulnerabilities to attack and secure. Combining the most advanced techniques used by offensive hackers to exploit and secure.

Course at a glance:

Starting with various terminologies of web technologies such as HTTP cookies CORS Same-origin-policy etc and ends with multiple resources. Once you get sufficient insights of web technologies the second module covers the Mapping of application for insecurities with various tools and tricks with heavy usage of most advanced intercepting proxy Burp Suite. Mostly focused over serious vulnerabilities such as SQL Injection Cross-site scripting Cross-site request forgery XML External Entity - XXE - attacks Remote command Execution Identifying load balancers Metasploit for web applications Advanced phishing attacks through XSS and more

Training Methodology:

Every lesson starts with Finding and hunting for vulnerability by taking the points how developers make and secure the web application at the time of development once we have the clear path of working of development phase to security then we hunt for application business logics to attack. This is where most penetration testers failed in their own game.

If I need to chop down a tree in six hours i will use four hours to sharpen my axe and rest 2 hours to cut the tree. The same strategy has been covered in this course. we start with getting around of web applications by making analysis of application and watching the working behavior of the same.

This course has been adapted from our work experience at gray hat security.

Course materials:

• Offline access to read PDF slides
• 8+ Hours of Videos lessons
• Self-paced HTML or Flash
• Access from PC TABLETS SMARTPHONES.
• 400+ PDF Slides

Basic knowledge:

• Basics of computer and Internet

Course Completion Certificate

What you will learn:

• Assess Web applications insecurities
• Audit OWASP Top 10
• Penetrate web applications
• Hack web application to assess security vulnerabilities
• Perform web security audits
• Perform bug hunting
• Burp suite advanced
• Analysing web apps with Burp suite
• Be a Web app hacker!
• Be a bug bounty hacker and earn money

Curriculum:

• Introduction and lab preparation
• Web application technologies 101
• Information gathering - mapping the applications
• Cross-Site Scripting Attacks - Xss
• Sql Injection Attacks - Exploitations
• Cross Site Request Forgery - XSRF
• Authentication and Authorization Attacks
• Client Side Security Testing
• File Related Vulnerabilities
• XML External Entity Attacks - Xxe
• EXTERNAL RESOURCES FOR WEBSITE AUDITING

Simpliv LLC, a platform for learning and teaching online courses. We basically focus on online learning which helps to learn business concepts, software technology to develop personal and professional goals through video library by recognized industry experts or trainers.

Why Simpliv

With the ever-evolving industry trends, there is a constant need of the professionally designed learning solutions that deliver key innovations on time and on a budget to achieve long-term success.

Simpliv understands the changing needs and allows the global learners to evaluate their technical abilities by aligning the learnings to key business objectives in order to fill the skills gaps that exist in the various business areas including IT, Marketing, Business Development, and much more.