Web Application Penetration Testing is a systematic approach to apply penetration testing skills to find different vulnerabilities in web applications. Even with advanced development frameworks, techniques and tools that that exists for web applications, they are still the prime target for hackers. If your organization does not properly test its web applications and or not including security controls within the applications, then hackers can compromise these applications, damage critical business functionality and also steal sensitive or proprietary data.
The objective of web application penetration is to identify security weakness across the entire web application and its components (source code, database, back-end network). The test results also helps in prioritizing the identified vulnerabilities and threats, and possible ways to mitigate them.
Target Audience
This is a foundation level course for web developer’s, cyber security experts, security administrators and for the people who want to start their career in web penetration testing.
Course Content
- Introduction
- Basics of Web Application
- OWASP Top 10 Web Application Security risks
- Preparing the Hacking Environment
- Information Gathering Phase
- Types of attacks
- Cross Site Scripting (XSS)
Requirements
- Laptop with minimum 8GB RAM
- OS: Windows 7 & above
- Cross Site Request Forgery(CSRF)
- SQL Injection
- Command Execution
- File upload
- Bruteforce attack
- Practical Hacking Tips
- Hacking exercises