Web Application Penetration Testing is used to test the integrity of web-facing cyber assets and systems. In a simplified way, it’s a simulated cyber attack to find the weaknesses before malicious hackers do, commonly used to augment Web Application Firewalls (WAF).
Why Web Application Penetration Testing?
To find out the extent or size of a successful attack.
Can know the level of risk for your organization or system compared to similar ones.
Identify areas of security policy that are lacking.
What you’ll master?
Web Application overview, authentication attacks, and configuration testing.
Web Application session management, SQL Injection attacks, and Testing tools.
Cross site request forgery and scripting, Client Injection Attack, reconnaissance and mapping.
Some Sample Videos:
Class:1- Getting started with WAPT.
Class:2- Setting up your WAPT development and test environment
Class:3- WAPT tool tutorial.
Class:4 - Major difference in HTTP1.0, HTTP 1.1 and HTTP 2.0.
Class:5 - HTTP Fundamentals.
Class: 6 - Lesson on Session ID and Cookie.
Class:7 - Overview of Web Application Architecture.
Class: 8 - Tutorial on OWASP-10 2017.
Class:9 - Basics of Burp suite.
Class: 10 - Session on Website Reconnaissance and Footprinting.
Class: 11 - About Vulnerability analysis.
Class: 12 - Metasploit basics.
Class: 13 - Lesson on Exploit Search and Payload Generation.
Class: 14 - How to attack HTTP Basic Authentication with Nmap and Metasploit.
Class: 15 - Input Validation techniques tutorial.
Class: 16 - Difference between Blacklist VS. Whitelist Input Validation.
Class: 17 - Lesson on Encoding attacks.
Class: 18 - Session on Directory Traversal Vulnerability.
Class: 19 - Session on Automated Attack for Directory traversal.
Class: 20 - An Overview of Session fixation.
Class:21 - A study of Session Management - URL Manipulation.
Class:22 - A study of Session Management - Using Cookie Manipulation.
Class:23 - Class on URL Encoding and Path Traversal Vulnerability.
Class:24 - Overview of Information leakage.
Class:25 - Training on Unrestricted File Upload.
Class:26 - Training on File Upload Vulnerability Basic.
Class: 27 - How to do type verification in file Uploads (Bypassing Content)
Class: 28 - Learn about Bypassing Extension Blacklist in File Upload.
Class: 29 - Uploading bypassing file using Double Extensions.
Class: 30 - Null byte injection tutorial.
Class:31- Introduction of Directory Listing.
Class:32- Overview of Broken Authentication.
Class:33 - Understanding HTTP Parameter manipulation.
Class:34 - File Inclusion basics and its types (LFI and RFI)
Class:35 - Session on Server Side Request Forgery.
Class:36 - Session on Unvalidated Redirects and Forwards.
Class:37 - Session on Insecure Direct Object Reference.
Class: 38 - What is a Clickjacking Attack?
Class: 39 - Webservices Basics.
Class: 40 - Understanding XML and JSON.
Class: 41 - REST API SQL Injection tutorial.
Class: 42 - Introduction of XXE.
Class: 43 - Fundamentals of PHP Code Injection.
Class: 44 - HTML injection (Get & post) tutorial.
Class: 45 - Introduction of OS Command Injection.
Class: 46 - Introduction of OS Command Injection (Blind).
Class: 47 - SQL Injection (Get & post) tutorial.
Class: 48 - SQL Injection (Login Form) tutorial.
Class: 49 - SQL Injection (Stored) tutorial.
Class:50 - SQL Injection (Boolean Based) tutorial.
Class:51 - SQL Injection (Blind and Time Based) tutorial.
Class:52 - Cross-Site Scripting (DOM Based) tutorial.
Class:53 - Cross-Site Scripting (Get & post) tutorial.
Class:54 - Cross-Site Scripting (Stored) tutorial.
Class:55 - Cross-Site Request Forgery basics.
Class:56 - Understanding (CSRF) Anti-Token Bypassing
Class:57 - How to write a WAPT report.
Class: 58 - How to upskill yourself in WAPT
Class: 59 - Future Scope and latest Updates in Web Application Penetration Testing.
Class: 60 - Job Orientation and Resume Preparation.
Schedule Your Classes
The duration of the Course is 2 Months (60 days)
Weekdays - Monday to Saturday.
Weekend classes - Saturday and Sunday.
Class Consist of both Theory and Practical session.
Materials will be provided.
Assignments will be given at regular intervals.
Please note that the Training Structure may vary for each and every student.
Have a Question?
Please send us any questions you may have. We would love to answer it.