Pentester Academy - Web Application Pentesting

.MP4, AVC, 1334 kbps, 1280x720 | English, AAC, 224 kbps, 2 Ch | 8.5 hours | 6.42 GB

Instructor: Vivek Ramachandran

A non-exhaustive and continuously evolving list of topics to be covered includes:

HTTP/HTTPS protocol basics

Understanding Web Application Architectures

Lab setup and tools of the trade

Converting your browser into an attack platform

Traffic Interception and Modification using Proxies

Cross Site Scripting

Types

Reflected

Persistent

DOM based

Filtering XSS

Evading XSS filters

Cookie stealing and session hijacking

Self-XSS

BeEF

SQL Injection

Error based

Blind

Second order injections

Broken authentication and session management

session id analysis

custom authentication

Security misconfigurations

Web and database server

Application framework

Insecure direct object reference

Cross-site Request Forgery

GET and POST based

JSON based in RESTful Service

Token Hijacking via XSS

Multi-Step CSRF

Insecure cryptographic storage

Clickjacking

File upload vulnerabilities

Bypassing extension, content-type etc. checks

RFI and LFI

Web to Shell

Web Shells

PHP meterpreter

Analyzing Web 2.0 applications

AJAX

RIAs using Flash, Flex

Attacking Caching servers

Memcached

Redis

Non Relational Database Attacks

Appengine Datastore

MongoDB, CouchDB etc.

HTML5 Attack Vectors

Tag abuse and use in XSS

Websockets

Client side injection

Clickjacking

Web Application firewalls

Fingerprinting

Detection Techniques

Evading WAFs

… more additions will be made as the course evolves
