Penetration Testing: Advanced Web Testing

Focused View

Malcolm Shore

2:42:02

109 View

01.01-protecting your websites.mp4

00:54

01.02-what you should know before watching this course.mp4

00:47

01.03-disclaimer.mp4

01:15

02.01-understanding websites.mp4

08:15

02.02-identifying virtual websites.mp4

04:31

02.03-using burp suite as a proxy.mp4

03:07

02.04-busting open a website.mp4

05:15

02.05-busting with dirbuster.mp4

03:54

02.06-enumerating with whatweb and dirscanner.mp4

03:24

02.07-enumerating with dirb and wfuzz.mp4

02:54

02.08-crawling or spidering.mp4

02:09

02.09-scanning at scale.mp4

02:07

03.01-assessing websites with nikto.mp4

03:45

03.02-using the metasploit wmap scanner.mp4

05:40

03.03-using sqlmap to find sql injections.mp4

06:07

03.04-skip fishing the site.mp4

02:28

03.05-scanning for vulnerabilities with nessus.mp4

03:46

03.06-using test cases to manage security testing.mp4

05:25

04.01-a refresher on website shell implants.mp4

07:02

04.02-uploading an aspx shell using cadaver.mp4

05:11

04.03-coping with a calamity.mp4

05:34

04.04-exploiting with phpbash.mp4

04:11

04.05-exploiting node.js.mp4

05:35

04.06-injecting sql using burp suite.mp4

02:01

04.07-breaking into the bank.mp4

06:31

04.08-more ways into the bank.mp4

03:35

04.09-owning the bank.mp4

07:09

04.10-entering europa.mp4

04:40

04.11-owning europa.mp4

05:20

04.12-jenkins and groovy scripting.mp4

08:48

04.13-taking over the gym.mp4

04:23

05.01-learning the basics of content management.mp4

03:23

05.02-getting into wordpress.mp4

06:22

05.03-penetrating wordpress.mp4

03:12

05.04-getting joomla administrator.mp4

03:55

05.05-shelling joomla.mp4

03:16

05.06-taking down the enterprise.mp4

04:07

06.01-whats next.mp4

02:04

Description

Websites are one of the most vulnerable pieces of information technology, since their contents are exposed to access from the internet. By understanding how attackers locate and exploit these vulnerabilities, you can help build more secure websites and protect web applications. This course shows you how to perform advanced web testing using the tools available in Kali, the professional pen testing framework. After a brief refresher on web testing, instructor Malcolm Shore introduces some new tools for enumerating and exploiting websites. Malcom teaches you how to spider a website using Burp Suite and check for vulnerable pages, how to find hidden pages on a website, and shows how the common web technologies such as PHP, Nodejs, and ASP can be exploited. He also explains how to integrate Burp Suite and sqlmap to enable deep testing of a web site for hidden access vectors, as well as using tools like Cadaver and Jhead which attackers use to upload malware.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Web Development

Penetration Testing

Malcolm Shore

Instructor's Courses

Wide range of IT experience ranging from systems programming to policy and strategic planning. Strong expertise in applied IT security, focused on policy and governance. Teaching post graduate security (forensics, information warfare, security management, applied cryptography) Past interests include virtual worlds and web3d developments. Current work focusing on Cloud, security architectures, and national-level cybersecurity Specialties: SABSA, Cloud, Cryptography, Cybersecurity Strategy, Network Survivability

Linkedin Learning

View courses Linkedin Learning

LinkedIn Learning is an American online learning provider. It provides video courses taught by industry experts in software, creative, and business skills. It is a subsidiary of LinkedIn. All the courses on LinkedIn fall into four categories: Business, Creative, Technology and Certifications. It was founded in 1995 by Lynda Weinman as Lynda.com before being acquired by LinkedIn in 2015. Microsoft acquired LinkedIn in December 2016.