Web App Penetration Testing | A Full Course for Beginners
Learn web application penetration testing from beginner to advanced. This course is perfect for people who are interested in cybersecurity or ethical hacking.
2018-12-12 19:00:00 - freeCodeCamp.org
Resources:
Burp Suite: https://portswigger.net/burp
WAFW00F: https://github.com/EnableSecurity/wafw00f
OWASP SAP: https://www.zaproxy.org
Metasploit: https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers
Kali Linux: https://www.kali.org/downloads/
OWASP Juice Shop https://owasp.org/www-project-juice-shop
Damn Vulnerable Web Application (DVWA): http://www.dvwa.co.uk
Course Contents:
0:00:00 - Setting Up Burp Suite
0:08:07 - Spidering & DVWA
0:19:04 - Brute Force Attacks With Burp Suite
0:32:55 - Target Scope And Spidering
0:46:32 - Discovering Hidden Files With ZAP
1:04:24 - Web Application Firewall Detection with WAFW00F
1:12:28 - DirBuster
1:25:27 - XSS(Reflected, Stored & DOM)
1:41:22 - CSRF (Cross Site Request Forgery)
2:02:42 - Cookie Collection & Reverse Engineering
2:14:17 - HTTP Attributes (Cookie Stealing)
2:27:48 - SQL Injection