Web App Penetration Testing and Ethical Hacking

In this course, you will practice the art of exploiting web applications to find flaws in your enterprise's web apps. You'll learn about the attacker's tools and methods in order to be a more powerful defender. Through detailed, hands-on exercises and with guidance from the instructor, you will learn the four-step process for web application penetration testing; inject SQL into back-end databases to learn how attackers exfiltrate sensitive data; and utilize cross-site scripting attacks to dominate a target infrastructure. You will also explore various other web app vulnerabilities in depth using proven techniques and a structured testing regimen.

Course syllabus:

  1. Introduction and Information Gathering

  2. Configuration, Identity and Authorization Testing

  3. Injection

  4. XXE and XSS

  5. CSRF, Logic Flaws and Advanced Tools

  6. Capture the Flag