What you'll learn:
- You will be able to perform a web penetration testing engagement from start to finish
- You will be able to discover and exploit web application vulnerabilities
In this ethical hacking course you'll learn how to exploit the vulnerabilities found in web applications and web servers following the OWASP Testing Guide framework, used by companies all over the world to perform web penetration testing engagements.
A vulnerable virtual machine, Web Sec Target Practice, is provided with the course for you to practice the various phases of the penetration testing assessment.
We'll predominantly use the Burp Suite Community edition and open source Kali tools throughout the entire course to test the infrastructure of the web server, brute force authentication forms, tamper with header attributes, perform XSS, SQL, command injections and other injection variants. We'll also develop a buffer overflow exploit step by step.
