Tags
Language
Tags
<<
June 2025
Su Mo Tu We Th Fr Sa
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 1 2 3 4 5
    Attention❗ To save your time, in order to download anything on this site, you must be registered 👉 HERE. If you do not have a registration yet, it is better to do it right away. ✌

    ( • )( • ) ( ͡⚆ ͜ʖ ͡⚆ ) (‿ˠ‿)
    SpicyMags.xyz
    1. Home
    2. eBooks & eLearning
    3. Introduction To Web Application Penetration Testing

    Introduction To Web Application Penetration Testing

    Posted By: ELK1nG
    Date: 4 Nov 2024 09:01:13
    Introduction To Web Application Penetration Testing

    Introduction To Web Application Penetration Testing
    Published 11/2024
    MP4 | Video: h264, 1920x1080 | Audio: AAC, 44.1 KHz
    Language: English | Size: 7.61 GB | Duration: 9h 51m

    Learn how to perform penetration tests on web applications for bug bounty hunting and exploit a potential vulnerability

    What you'll learn

    Using Generative AI to get predictions for Penetration Tests

    Using reconnaissance tools to gather information on the vulnerable endpoint

    Manually assessing a web application without automatic penetration testing tools

    Using automatic penetration testing tools

    Building Exploits for Web Applications

    Understanding False Negatives when using automated penetration testing tools

    Requirements

    HTML

    PHP

    Python

    Bash Scripting

    JavaScript

    Description

    In this course, you’ll learn the basics of performing basic penetration tests on web applications manually and using automated penetration testing tools with the help of different Artificial Intelligence that exist out there. We will compare the differences and answers given by three different AI’s including ChatGPT, PenTestGPT and WhiteRabbitNeo AI and see the negative sides of using AI as a whole when performing these penetration tests. We will perform some manual tests without using automated tools to better understand how vulnerabilities can be exploited without getting any false negatives that are present when using AI and automation for penetration tests; I will also disclose a duplicate report that I obtained permission for to disclose to the public which I was allowed to disclose, so you have an idea on how to write reports to HackerOne and other Web Application Penetration Testing Bug Bounties and Vulnerability Disclosure Programs.Please note that this course is for educational purposes only. This course is intended to teach people to perform ethical hacking and contains highly sophisticated cybersecurity techniques which can be used by anyone. Do not use anything taught in this course illegally, I will not be responsible for any damage or harm caused to a system from what you learn and apply from this course. This course is for people who want to become Bug Bounty Hunters and White Hat Hackers to prepare and refresh them for a better world of security and help in mitigating cyber risks.

    Overview

    Section 1: Introduction

    Lecture 1 Personal Introduction

    Lecture 2 Introduction to the course

    Section 2: Prerequisites

    Lecture 3 Installing Kali Linux

    Lecture 4 Installing OWASP ZAP

    Lecture 5 Configuring Burpsuite

    Lecture 6 Websites we will use

    Lecture 7 Installing and Configuring ngrok

    Lecture 8 Installing Wappalyzer

    Lecture 9 Using Nikto to find Vulnerabilities

    Lecture 10 Finding Vulnerable Web Application Ports using Network Mapper

    Lecture 11 Using GoBuster

    Lecture 12 Installing GoBuster

    Section 3: Bug Bounty Hunting

    Lecture 13 Understanding Bug Bounties and HackerOne

    Lecture 14 Exploiting Remote Code Execution Vulnerability (Automatic and AI)

    Lecture 15 Exploiting SQL Injection Vulnerability (Automatic)

    Lecture 16 Exploiting Subdomain Takeover Vulnerability (Automatic)

    Lecture 17 Exploiting Privacy Violation Vulnerability (Automatic)

    Lecture 18 Using Nuclei Verbose Mode to find Vulnerable Endpoints (Automatic)

    Lecture 19 Using Katana to find Vulnerable Endpoints (Automatic)

    Lecture 20 Exploit to bypass Error 403 (Automatic)

    Lecture 21 Exploiting Missing SRI Vulnerability (Automatic)

    Lecture 22 Using OWASP ZAP for Auto-Manual Vulnerability Detection (Automatic)

    Lecture 23 Exploiting Open Redirect Vulnerability (Automatic)

    Lecture 24 Exploiting Account Takeover Vulnerability (Manual)

    Lecture 25 Exploiting Stored XSS Vulnerability (Manual)

    Lecture 26 Exploiting OTP Overflow (Manual)

    Lecture 27 Exploiting Insecure Direct Object Reference (Manual)

    Lecture 28 Exploiting XSS Vulnerability (Manual)

    Lecture 29 Advanced Google Hacking Techniques (Auto-Manual)

    Lecture 30 Exploiting Local File Inclusion and Directory Transversal (Manual)

    Lecture 31 Exploiting Remote File Inclusion (Manual)

    Lecture 32 Exploiting Cross Site Request Forgery (Manual)

    Lecture 33 Exploiting Server Side Request Forgery (Manual)

    Lecture 34 Advanced GitHub Hacking Techniques (Manual)

    Lecture 35 Bypassing Web Application Firewalls (Manual)

    Lecture 36 Exploiting Cross Origin Resource Sharing Vulnerability (Manual)

    Lecture 37 Exploiting Clickjacking Vulnerability (Manual)

    Section 4: Report Writing, Conclusion and Exam

    Lecture 38 Report Writing

    Lecture 39 Conclusion

    Advanced Learners on Web Application Penetration Testing,Beginner Learners on Web Application Penetration Testing
    UPWARDS