Kali Linux Web App Pentesting Labs
Video: .mp4 (1280x720, 30 fps(r)) | Audio: aac, 48000 Hz, 2ch | Size: 2.92 GB
Genre: eLearning Video | Duration: 3.5 hours | Language: English
Learn how to hack web applications with a real cybersecurity professional!
Video: .mp4 (1280x720, 30 fps(r)) | Audio: aac, 48000 Hz, 2ch | Size: 2.92 GB
Genre: eLearning Video | Duration: 3.5 hours | Language: English
Learn how to hack web applications with a real cybersecurity professional!
What you'll learn
Build your own penetration testing lab environment
Discover vulnerabilities in web applications automatically and manually
Escalate privileges within Linux
Local and remote buffer overflow
SQL Injection
Cross Site Scripting
Exploitation of various web-based vulnerabilities
Requirements
Basic networking experience
Familiarity with Windows and Linux
Kali Linux
Beebox
SQLi Labs
OWASP Juice Shop
WebGoat
VirtualBox (preferred) or VMware
Description
Welcome to my Kali Linux Web App Pentesting Labs course! This course will be 100% hands-on, focusing specifically on exploitation of vulnerable web applications. We’ll be building a lab environment consisting of Kali Linux, and several intentionally vulnerable web applications including Beebox, SQL injection labs, OWASP Juice Shop, and WebGoat.
Through the duration of this course, we’ll be focusing upon the most prevalent web application vulnerabilities and how to exploit them. As a framework for our learning approach, we’ll be using the most recent version of OWASP at the time of this recording, which is OWASP 2017 top 10. OWASP is an organization which focuses upon improving the security of web applications and is a fundamental and necessary component to learn for aspiring pentesters. We'll be covering OWASP 1-9, because 10 does not apply specifically to pentesting, and is focused on the defensive side. Additionally, we'll be covering each of these in great detail over this course.
The primary topics within this course are both manual and automated methods of detection and exploitation of web application web application vulnerabilities. You'll be getting hands-on exposure to industry standard tools such as Burpsuite, Nmap, Nikto, Sqlmap, and many more. From what I've seen over the years in cybersecurity academia, including certifications, hands-on skills are highly lacking, save for the offensive security certs. This is because the majority of courses I've seen only teach theory, and have students prove their competency through writing and answering multiple choice questions. This does not prepare one for the real world, especially for pentesting where technical skills are paramount. This course aims to bridge that gap.
The beginning of this course will consist of downloading, installing, and configuring the components necessary for comprehensive hands-on web application penetration testing in a lab environment. Please get ready to hit the ground running and follow along with these labs, as we’ll be getting started right away in the subsequent lecture.
I really look forward to working with all of you. If you have any questions during any of the labs, please feel free to reach out to me directly with the messaging system or Q&A section.
Who this course is for:
OSCP candidates
CEH candidates
Penetration testers
Cybersecurity professionals
Cybersecurity/IT students
Pentest+ candidates