  • You will understand how the most popular vulnerabilities (OWASP Top 10) are used to hack into a website and the ways to prevent them.

DISCLAIMER:

-----------------

ANY ACTIONS AND/OR ACTIVITIES RELATED TO THE MATERIAL CONTAINED WITHIN THIS COURSE ARE SOLELY YOUR RESPONSIBILITY. THE MISUSE OF THE INFORMATION IN THIS COURSE CAN RESULT IN CRIMINAL CHARGES BROUGHT AGAINST THE PERSONS IN QUESTION. THE INSTRUCTOR OR THE PLATFORM WILL NOT BE HELD RESPONSIBLE IN THE EVENT ANY CRIMINAL CHARGES ARE BROUGHT AGAINST ANY INDIVIDUALS MISUSING THE INFORMATION IN THIS COURSE TO BREAK THE LAW.

Hello and welcome to Web Based Ethical Hacking and Penetration Testing for Beginners. This course is an introduction to your career as a web security expert.

The internet is all around us. We have been using its facilities for a long while, and as the internet came in, cyber-security threats also started to appear. You can hear stories of cyber-attacks day by day in newspapers and the media.

As the facilities, ease and comfort of using internet-based applications have grown, whether it is a web application or a mobile application that uses a cloud-based API, the chances of suffering a cyber-attack have also increased. They have increased to such a level that we cannot even predict what will happen the next day, because hackers are always alert and vigilant, looking for a loophole to get into an application and steal your information.

As the saying goes, "A person who knows how to break a lock can make a good lock!" Because he knows the vulnerabilities and the loopholes, that person can build a good, secure application, or guide the developer to build an application which is almost secure and does not have the loopholes that have already been discovered.

So, as cyber security professionals or cyber security enthusiasts, we will deal with the OWASP Top 10 vulnerabilities. OWASP, the Open Web Application Security Project, is a community-based project that periodically updates its list of vulnerabilities. Each entry in this Top 10 list has a subset of other vulnerabilities that come under it. So we will cover almost 30 of the most popular vulnerabilities in this course, and these are the common vulnerabilities currently found in the cyber world.

Once you get hold of these 30 vulnerabilities, you will have enough confidence to test a web application, a cloud-based application, an API-based application, or a mobile application that uses a cloud-based API. In every session I give you the mitigations, the defensive mechanisms that we can follow to avoid the vulnerability discussed in that particular session. So you will be able to suggest defensive measures to the programmer or developer who is building the web application.

Please make sure you use these techniques only for penetration testing and ethical hacking, and please do not use them for any illegal or unethical purpose.

Cyber security and penetration testing is a very lucrative career. This course is intended for cyber security beginners with an overview of basic web coding who are interested in coming into the cyber security world, and also for existing testers who are willing to move into penetration testing. People who are interested in ethical hacking can also take this course.

In this course, we will concentrate mainly on how penetration testing can be done on web-based applications. It can also be used for mobile applications, because most mobile applications communicate with a cloud-based API. The security of this API is actually the security of the mobile application that uses it. By the end of this course, we will provide you with a course completion certificate on demand, which you can include in your resume and which will add very high value to your current profile.

I promise that you are going to have a really thrilling experience doing penetration testing and ethical hacking. So see you soon in the classroom.

  • You should have basic knowledge of how web applications work. It is also good to have basic HTML, JavaScript and PHP knowledge. A minimal-configuration PC or laptop would be fine.
  • Beginners curious about penetration testing who have an overview of how web applications work; it is good to have basic HTML, JavaScript and PHP knowledge. Developers and testers who want to upgrade themselves as penetration testers.
  • Section 1 : Quick Overview of the Course (1 lecture, 00:06:29)
    • Lecture 1 : Quick Overview of the Course
  • Section 2 : Lab Setup 1 : Install WAMP (1 lecture, 00:04:23)
    • Lecture 1 : Install WAMP, the Apache, PHP and MySQL stack for hosting the demo web server
  • Section 3 : Lab Setup 2 : Install Mutillidae (1 lecture, 00:05:50)
    • Lecture 1 : Install Mutillidae II, a free, open source, deliberately vulnerable web-app
  • Section 4 : Lab Setup 3 : Install Burp Suite (2 lectures, 00:09:40)
    • Lecture 1 : Install Burp Suite - An integrated platform for security testing of web sites
    • Lecture 2 : Troubleshooting Burp : Cannot load HTTPS Websites
  • Section 5 : SQL Injection - Attack and Defenses (1 lecture, 00:09:43)
    • Lecture 1 : SQL Injection - Attack and Defenses
  • Section 6 : OS Command Injection - Attack and Defenses (1 lecture, 00:07:25)
    • Lecture 1 : OS Command Injection - Attack and Defenses
  • Section 7 : JSON Injection Attack using Reflected XSS Technique and Defense Measures (1 lecture, 00:11:39)
    • Lecture 1 : JSON Injection Attack using Reflected XSS Technique and Defense Measures
  • Section 8 : Cookie Manipulation Attack and Defenses (1 lecture, 00:11:09)
    • Lecture 1 : Cookie Manipulation Attack and Defenses
  • Section 9 : Username Enumeration Attack - Part 1 & 2 (2 lectures, 00:07:07)
    • Lecture 1 : Username Enumeration Attack - Part 1
    • Lecture 2 : Username Enumeration Attack and Defense Tips - Part 2
  • Section 10 : Brute Force Attack Technique and Defenses (1 lecture, 00:11:49)
    • Lecture 1 : Brute Force Attack Technique and Defenses
  • Section 11 : Cross Site Scripting (Reflected XSS using HTML Context) (1 lecture, 00:08:15)
    • Lecture 1 : Cross Site Scripting (Reflected XSS using HTML Context)
  • Section 12 : Cross Site Scripting (Reflected XSS using JavaScript) (1 lecture, 00:10:40)
    • Lecture 1 : Cross Site Scripting (Reflected XSS using JavaScript)
  • Section 13 : Storage Cross Site Scripting Attack - XSS Defenses (1 lecture, 00:11:03)
    • Lecture 1 : Storage Cross Site Scripting Attack - XSS Defenses
  • Section 14 : Insecure Direct Object Reference - IDOR and Defense using File Tokens (1 lecture, 00:08:06)
    • Lecture 1 : Insecure Direct Object Reference - IDOR and Defense using File Tokens
  • Section 15 : Insecure Direct Object Reference - IDOR and Defense using URL Tokens (1 lecture, 00:05:04)
    • Lecture 1 : Insecure Direct Object Reference - IDOR and Defense using URL Tokens
  • Section 16 : Directory Browsing / Traversal Threat Demonstration (1 lecture, 00:05:33)
    • Lecture 1 : Directory Browsing / Traversal Threat Demonstration
  • Section 17 : XXE - XML External Entity Attack (1 lecture, 00:05:56)
    • Lecture 1 : XXE - XML External Entity Attack
  • Section 18 : User Agent Manipulation or Spoofing Attack (1 lecture, 00:08:03)
    • Lecture 1 : User Agent Manipulation or Spoofing Attack
  • Section 19 : Security Misconfiguration Attack Defenses (DIR Browsing, XXE, User Agent) (1 lecture, 00:04:34)
    • Lecture 1 : Security Misconfiguration Attack Defenses (DIR Browsing, XXE, User Agent)
  • Section 20 : Sensitive Data Exposure Vulnerability (HTML/CSS/JS Comments) (1 lecture, 00:04:30)
    • Lecture 1 : Sensitive Data Exposure Vulnerability (via HTML/CSS/JS Comments)
  • Section 21 : Hidden / Secret URL Vulnerability and Defenses (1 lecture, 00:00:00)
    • Lecture 1 : Hidden / Secret URL Vulnerability and Defenses
  • Section 22 : HTML 5 Web Storage Vulnerability and Defenses (1 lecture, 00:08:43)
    • Lecture 1 : HTML 5 Web Storage Vulnerability and Defenses
  • Section 23 : Role Based Access Vulnerability and Defense (1 lecture, 00:05:08)
    • Lecture 1 : Role Based Access Vulnerability and Defense
  • Section 24 : CSRF - Cross Site Request Forgery Attack (2 lectures, 00:12:59)
    • Lecture 1 : CSRF - Cross Site Request Forgery Attack - Part 1
    • Lecture 2 : CSRF - Cross Site Request Forgery Attack & Defenses - Part 2
  • Section 25 : Entropy Analysis for CSRF Token (1 lecture, 00:11:35)
    • Lecture 1 : Entropy Analysis for CSRF Token
  • Section 26 : CVSS - Common Vulnerability Scoring System (1 lecture, 00:05:57)
    • Lecture 1 : CVSS - Common Vulnerability Scoring System
  • Section 27 : Unvalidated URL Redirect Attack and Prevention code sample (1 lecture, 00:07:36)
    • Lecture 1 : Unvalidated URL Redirect Attack and Prevention code sample
I am a pioneering, talented and security-oriented Android/iOS Mobile and PHP/Python Web Application Developer offering more than eight years' overall IT experience, which involves designing, implementing, integrating, testing and supporting impactful web and mobile applications. I am a postgraduate Master's degree holder in Computer Science and Engineering. My experience with PHP/Python programming is an added advantage for server-based Android and iOS client applications. I am currently serving full-time as a Senior Solution Architect, managing my clients' projects from start to finish to ensure high-quality, innovative and functional design.