Web Application Penetration Testing

Web Application Penetration Testing from Zero to Hero.

Created by : Rated :4.5 891 views

Last Updated: 2023-09-08 07:09:08 English Course Type: Self Learning

Cover various techniques and methodologies to identify and exploit vulnerabilities in web applications.
Gain valuable insights and practical knowledge that will assist you in securing web applications and protecting them from potential attacks.
Cover most common penetration testing tools and practice its usage and features.
Demonstrate various web attacks and how to protect your web application or website.

This course is divided into five parts, the first part we will learn about how to create your own home virtual lab. It’s strongly recommended to test your knowledge on a testing lab and not production systems, to avoid any damage that may affect the production systems.

We will learn how to install Kali Linux, which is the operating system we are going to use during our web application penetration testing tutorials, as Kali Linux is a tool kit that includes more than 300 penetration testing tools.

Kali Linux can be installed using an ISO file, or using a pre-built disk image. We are going to learn both ways of installing Kali. After that, we will learn more about the vulnerable web application we are going to use, “Damn Vulnerable Web Application” or DVWA. This is a vulnerable web application as the name suggests that you can use to learn about various attacks and the correct usage of different penetration testing tools like Burp Suite, SQLMAP, etc.

Next, in the second part of this tutorial, we will discuss the phases of any penetration testing process conducted on any web application or website. We will learn all about penetration testing and what are the techniques and tools that are used during penetration testing. I will give you the best practices in penetration testing and advise you about different standards such as NIST and frameworks such as MITRE Attack Framework, and that will guide you much during your penetration testing.

In the third part, we are going to have an overview of Kali Linux Penetration Testing Tools. How these tools are categorized and how to use the most common tools in your penetration testing journey.

In the fourth part of this tutorial, we are going to discuss various attacks that you must test in any web application you are testing, including file inclusion attacks, SQL injection attacks, Command execution attacks, etc.

In the final part of this tutorial, we are going to cover the most common tools we use in our penetration testing journey as shown in the table on the right.

That being said, we will cover various techniques and methodologies to identify and exploit vulnerabilities in web applications.

I hope you will gain valuable insights and practical knowledge that will assist you in securing web applications and protecting them from potential attacks.

Looking forward to hearing from you if you have any comments. Thanks.a

It's recommended to have basic knowledge in Networking and Web Development Language (HTML- CSS - JavaScript - SQL - PHP).

If you’re interested in Penetration Testing and Ethical Hacking.
If you are interested in learning about the industry-standard tool for penetration and security testing.
If you are interested to learn more about various techniques and methodologies to identify and exploit vulnerabilities in web applications.
If you are interested in gaining valuable insights and practical knowledge that will assist you in securing web applications and protecting them from potential attacks.
If you are interested in learning more about various web attacks and how to protect your web application or website.

Section 1 : Web Application Penetration Testing 15 Lectures 01:47:56
Lecture 1 :
Web Application Penetration Testing Course Outlines Preview
Lecture 2 :
Creating Virtual Lab at Home
Lecture 3 :
How to install Kali Linux 2020
Lecture 4 :
Kali Linux using ISO
Lecture 5 :
Installing DVWA
Lecture 6 :
Web Penetration Testing Phases
Lecture 7 :
Kali Linux Tools Overview
Lecture 8 :
Information Gathering Tools (NMAP & ZenMAP)
Lecture 9 :
Information Gathering Tools Part II (All about NMAP)
Lecture 10 :
Web Application Analysis Tools Burp Suite
Lecture 11 :
Cyber Attacks - LFI - RFI - XSS
Lecture 12 :
Password Cracking Tools and Techniques
Lecture 13 :
Cyber Attacks - Cross-Site Request Forgery - Command Execution - Brute Force.
Lecture 14 :
Tools ZAP Nessus SQLMAP & WPScan
Lecture 15 :
Practical Lab Nikto, Dirb, DirBuster & Wireshark

How do i access the course after purchase?
It's simple. When you sign up, you'll immediately have unlimited viewing of thousands of expert courses, paths to guide your learning, tools to measure your skills and hands-on resources like exercise files. There’s no limit on what you can learn and you can cancel at any time.
Are these video based online self-learning courses?
Yes. All of the courses comes with online video based lectures created by certified instructors. Instructors have crafted these courses with a blend of high quality interactive videos, lectures, quizzes & real world projects to give you an indepth knowledge about the topic.
Can i play & pause the course as per my convenience?
Yes absolutely & thats one of the advantage of self-paced courses. You can anytime pause or resume the course & come back & forth from one lecture to another lecture, play the videos mulitple times & so on.
How do i contact the instructor for any doubts or questions?
Most of these courses have general questions & answers already covered within the course lectures. However, if you need any further help from the instructor, you can use the inbuilt Chat with Instructor option to send a message to an instructor & they will reply you within 24 hours. You can ask as many questions as you want.
Do i need a pc to access the course or can i do it on mobile & tablet as well?
Brilliant question? Isn't it? You can access the courses on any device like PC, Mobile, Tablet & even on a smart tv. For mobile & a tablet you can download the Learnfly android or an iOS app. If mobile app is not available in your country, you can access the course directly by visting our website, its fully mobile friendly.
Do i get any certificate for the courses?
Yes. Once you complete any course on our platform along with provided assessments by the instructor, you will be eligble to get certificate of course completion.
For how long can i access my course on the platform?
You require an active subscription to access courses on our platform. If your subscription is active, you can access any course on our platform with no restrictions.
Is there any free trial?
Currently, we do not offer any free trial.
Can i cancel anytime?
Yes, you can cancel your subscription at any time. Your subscription will auto-renew until you cancel, but why would you want to?

Sherif Salah-EL-Din,

1914 Course Views

2 Courses

I've a Bachelor Managerial Information System in 2005.I got a postgraduate studies Diploma in Information System in 2008. Then I became Microsoft Certified Professional, Microsoft Certified Desktop Support Technician and Microsoft Certified System Administrator since 2009. Finally, I got varies Certifications in Information Security to became: Certified Ethical Hacker Professional Penetration Tester Offensive Security Certified Professional ISO 27001 Information Security Management Systems I've successfully completed WP-Elevation Blueprint Course for WordPress Consultants. I've a +14 years of experience in the Information Technology domain who worked for many international companies and currently I'm an information security professional freelancer and Tutor for Hacking/Ethical Hacking, Android Penetration Testing, Web App Penetration Testing. Skills: Vulnerability Assessment | Python Bash Scripting | Basic C++ CTF Player | Penetration Testing Networking | OSINT Analyst Tools Experience: Burp Suite Nmap Maltego Wireshark Metasploit Web/Mobile/Network Penetration Testing. Microsoft Products Support Web Development Programming Languages. AWS, WordPress and Cloud Security.