Web Application Hacking 101

Learn the art of Application Hacking to safeguard your application from being hacked. Build to be an Ethical Hacker!!

What you'll learn
The Students will be able test/identify security vulnerabilities in their application and take appropriate decisions to safeguard their applications
Requirements
The Students need to have basic knowledge of web applications.
Description

This is an excellent course on learning the art of Web Application Hacking a.k.a Web Application Penetration testing (WAPT). It focuses on preparing the students /developers /auditors to face the real world of Web Application Penetration testing while helping them safeguard their company's applications, data and reputation.
This Course starts from teaching you the basics of any attack and then substantiating it with pure technical skills. It is designed to cover all the latest attacks of Web Application like Web Attacks, Web Services, Flash Attacks, Injection attacks and many more at an affordable price for all the ethical hacking enthusiasts.
Top 10 Reasons to buy this course than any other Web Hacking course on Udemy:
Follows a multi-step approach to provide in-depth knowledge on the attacks
Introduces a security issue(Vulnerability)We then deep dive in to the issue to get a better understanding This is followed a practical demonstration Finally we look at how we can secure the application against these vulnerabilities
New modules are added every monthCovers traditional attacks like Cross Site Scripting and SQL InjectionCovers LDAP Injection (not covered by other web hacking courses on Udemy)Covers Flash Based attacks (not covered by other web hacking courses on Udemy)Covers XML Injection, XSLT Injection and XPath injections (not covered by other web hacking courses on Udemy) Covers Web Services Attacks (not covered by other web hacking courses on Udemy) This course helps you prepare for the real worldMultiple quizzes added to test your understanding at various phases during the courseHelps in setting up Sample vulnerable test beds so that the students can get their hands dirty to learn these attacks

Be Safe Keep Safe!!

–> New modules added:
10th October - LDAP Attacks
17th October - Introduction to File Upload Attacks. 
30th October - File Upload attacks / Exploitation / Mitigation videos 
3rd December - Published - Introduction to CAPTCHAs (Free Preview)
Modules on Attacking/Bypassing CAPTCHAS and Bruteforce Attack to be added shortly (Stay tuned)

Overview

Section 1: Introduction

Lecture 1 Introduction to Web Application Penetration Testing

Lecture 2 Web Application Information Gathering

Lecture 3 Basics of HTTP Request / Response

Lecture 4 Introduction to BURP Suite Proxy Tool

Section 2: Setting up Sample Test Application

Lecture 5 DVWA Application Installation Guide

Lecture 6 Installation of Mutillidae II application

Section 3: Introduction to Web Application Session Management

Lecture 7 Web Application Cookies

Lecture 8 Web Session Management attacks

Section 4: Cross Site Scripting Attacks

Lecture 9 Basics of Cross Site Scripting Attacks

Lecture 10 Reflected Cross Site Scripting

Lecture 11 Stored Cross Site Scripting

Lecture 12 Mitigating Cross Site Scripting Attacks

Lecture 13 DOM Based Cross Site Scripting Attack

Section 5: Clickjacking Attacks

Lecture 14 Introduction to Clickjacking Attacks

Lecture 15 Testing for Clickjacking Attacks

Section 6: Flash Based Attacks

Lecture 16 Introduction to Flash Applications

Lecture 17 Setting up a Vulnerable Flash application

Lecture 18 De-compiling Flash Applications

Lecture 19 Cross Site Scripting in Flash Applications

Lecture 20 Cross Site Flashing in Flash Applications

Lecture 21 HTML Injection in Flash Applications

Lecture 22 Phishing Attacks through Flash Applications

Lecture 23 Impact Analysis & Mitigating Flash Attacks

Section 7: XPath Injection Attacks

Lecture 24 XPATH Basics

Lecture 25 XPATH Injection

Section 8: XSLT Injection

Lecture 26 XSLT Basics

Lecture 27 XSLT Injection

Section 9: XML Attacks

Lecture 28 XML Basics

Lecture 29 XML CDATA Injection

Lecture 30 XML External Entity Injection

Lecture 31 XML Entity Expansion Attack

Section 10: Web Service Attacks

Lecture 32 Web Service Basics

Lecture 33 Web Services Attacks

Lecture 34 Web Service Clients Tutorial

Lecture 35 Web Services - SQL Injection

Lecture 36 Web Services - Command Injection

Lecture 37 Web Service - SOAP Array DOS Attack

Lecture 38 Web Service - SOAPAction Header Manipulation Attack

Section 11: SQL Injection Attacks

Lecture 39 SQL - Basic Concepts

Lecture 40 SQL Injection - Introduction

Lecture 41 SQL Injection - Union Based Exploitation

Lecture 42 SQL Injection Boolean Based Exploitation

Lecture 43 SQL Injection Time Based Exploitation

Lecture 44 SQL Injection Mitigation

Section 12: Cross Site Request Forgery (CSRF) Attacks

Lecture 45 Introduction to CSRF Attacks

Lecture 46 Testing for CSRF Attacks

Section 13: LDAP Injection Attacks

Lecture 47 Basics of LDAP

Lecture 48 Exploiting LDAP Injection

Section 14: File Upload Attacks

Lecture 49 Introduction to File Upload Attacks

Lecture 50 File Upload Attacks using Web Shells

Lecture 51 File Upload Attacks - Malicious Virus upload

Lecture 52 File Upload Attacks - Path Manipulation

Lecture 53 Mitigating File Upload Attacks

Lecture 54 Mitigating File Upload Attacks

Section 15: Bonus Modules!!!!!

Lecture 55 Keyloggers and Virtual Keyboards

Lecture 56 File Inclusion Attacks

Lecture 57 OS Command Injection

Section 16: Attacking and securing CAPTCHs

Lecture 58 Introduction to CAPTCHAs

Lecture 59 Bypassing CAPTCHAs

This course is for Students looking to build a successful career in Ethical Hacking.,This course is for developers looking to safeguard their applications.,This is also for the security auditors who have to audit the application from security perspective