Web App Penetration Testing

Become a bug bounty hunter! Learn to hack websites, fix vulnerabilities, and improve web security online for clients.

3.85 (10 reviews)

Udemy

platform

English

language

Network & Security

What you will learn

Setting up a web app pentesting lab

Burp Suite

Account enumeration and guessable accounts

weak lock-out mechanisms

Bypassing authentication schemes

Browser cache weaknesses

Account provisioning process via REST API

Directory traversal - LFI, RFI

Privilege escalation & IDOR

Session token strength using Sequencer

Cookie attributes

Session fixation

Exposed session variables & CSRF

Business logic data validation

Unrestricted file upload – bypassing weak validation

Performing process-timing attacks

Testing for the circumvention of workflows

Uploading malicious files – polyglots

Reflected cross-site scripting & Stored cross-site scripting

HTTP verb tampering & HTTP Parameter Pollution

SQL injection

Command injection

Loading charts...

Web App Penetration Testing

What you will learn

Setting up a web app pentesting lab

Burp Suite

Account enumeration and guessable accounts

weak lock-out mechanisms

Bypassing authentication schemes

Browser cache weaknesses

Account provisioning process via REST API

Directory traversal - LFI, RFI

Privilege escalation & IDOR

Session token strength using Sequencer

Cookie attributes

Session fixation

Exposed session variables & CSRF

Business logic data validation

Unrestricted file upload – bypassing weak validation

Performing process-timing attacks

Testing for the circumvention of workflows

Uploading malicious files – polyglots

Reflected cross-site scripting & Stored cross-site scripting

HTTP verb tampering & HTTP Parameter Pollution

SQL injection

Command injection

Related Topics