Penetration Testing: Advanced Web Testing

Focused View

Malcolm Shore

1:54:35

64 View

01.01-protecting your websites.mp4

01:14

01.02-what you should know before watching this course.mp4

01:20

01.03-disclaimer.mp4

01:18

02.01-preparing the test environment.mp4

03:55

02.02-setting up wordpress.mp4

08:03

02.03-setting up joomla.mp4

05:46

02.04-online testing sites.mp4

02:43

03.01-a refresher on web technology.mp4

08:49

03.02-refreshing your basic web testing skills.mp4

03:59

03.03-a refresher on website shell implants.mp4

07:32

04.01-busting open a website.mp4

05:24

04.02-identifying virtual websites.mp4

04:33

04.03-more ways to find web pages.mp4

06:41

05.01-vulnerability scanning with burp suite.mp4

03:13

05.02-using sqlmap to validate sql injections.mp4

02:58

06.01-exploiting your way into the gym.mp4

04:00

06.02-exploiting through an aspx shell with cadaver.mp4

04:58

06.03-checking web page source.mp4

01:50

06.04-injecting html into a web page.mp4

04:06

06.05-exploiting tools left on websites.mp4

02:31

06.06-injecting sql using burp suite.mp4

03:46

06.07-exploiting node.js.mp4

05:55

06.08-injecting xml into a web page.mp4

01:55

06.09-file access through a web application url.mp4

01:33

07.01-understanding cms targets.mp4

03:28

07.02-getting into wordpress.mp4

06:01

07.03-shelling through wordpress.mp4

02:48

07.04-exploiting joomla via sql.mp4

02:48

08.01-whats next.mp4

01:28

Description

Websites are one of the most vulnerable pieces of information technology, since their contents are exposed to access from the internet. By understanding how attackers locate and exploit these vulnerabilities, you can help build more secure websites and protect web applications. This course shows you how to perform advanced web testing using the tools available in Kali, the professional pen testing framework. After a brief refresher on web testing, instructor Malcolm Shore introduces some new tools for enumerating and exploiting websites. Malcom teaches you how to spider a website using Burp Suite and check for vulnerable pages, how to find hidden pages on a website, and shows how the common web technologies such as PHP, Nodejs, and ASP can be exploited. He also explains how to integrate Burp Suite and sqlmap to enable deep testing of a web site for hidden access vectors, as well as using tools like Cadaver and Jhead which attackers use to upload malware.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Cyber Security

Penetration Testing

Malcolm Shore

Instructor's Courses

Wide range of IT experience ranging from systems programming to policy and strategic planning. Strong expertise in applied IT security, focused on policy and governance. Teaching post graduate security (forensics, information warfare, security management, applied cryptography) Past interests include virtual worlds and web3d developments. Current work focusing on Cloud, security architectures, and national-level cybersecurity Specialties: SABSA, Cloud, Cryptography, Cybersecurity Strategy, Network Survivability

Linkedin Learning

View courses Linkedin Learning

LinkedIn Learning is an American online learning provider. It provides video courses taught by industry experts in software, creative, and business skills. It is a subsidiary of LinkedIn. All the courses on LinkedIn fall into four categories: Business, Creative, Technology and Certifications. It was founded in 1995 by Lynda Weinman as Lynda.com before being acquired by LinkedIn in 2015. Microsoft acquired LinkedIn in December 2016.