Web Application Penetration Testing

This course introduces the discipline of web application penetration testing and shows a hands-on perspective of how a penetration tester (pentester) applies methodology with practice to test web applications for security flaws. The course reviews several basic web application penetration testing techniques and gives you an opportunity for hands-on experience as a penetration tester using a popular free and open-source software (FOSS) tool, Burp Suite. You will learn to examine injection attacks such as cross-site scripting and SQL injection attacks and learn how to perform automated attacks with Intruder, as well as analyze responses with Repeater and Comparer.

Modules:

• Web Application Penetration Testing Using Burp Suite
• Cross-Site Scripting Attacks Against bWAPP
• SQL Injection Attacks Using bWapp

Who Should Take This Course:

Developers, penetration testers, and IT professionals. In order to gain the best benefit from this course it is expected for you to have familiarity with:

• Virtualized environments such as VMWare or VirtualBox
• Understanding and configuring browser proxy settings
• Understanding of web protocols and the various requests, responses and status codes
• Familiarity with packet structure and OSI model

About This Course:

During this course you will follow course author Sunny Wear as she works you through the concepts of web application penetration testing using Burp Suite. Throughout the course you will have the opportunity to practice via exercises, assess your learning through knowledge checks, and take a final assessment at the end of the course.