Web App Pen Testing: Mapping

Focused View

Tim Tomes

2:02:54

13 View

1. Course Overview

1. Course Overview.mp4

01:42

2. Methodology Mapping

1. Introduction.mp4

01:28

2. Mapping.mp4

00:50

3. Tools for Mapping.mp4

06:28

4. Demo Mapping Tools.mp4

10:28

3. Mapping Manual Crawling

1. Manual Crawling.mp4

01:30

2. Demo Manual Crawl.mp4

25:41

4. Mapping Automated Crawling

1. Automated Crawling.mp4

00:33

2. Tools for Automated Crawling.ts

03:02

3. Demo Automated Crawl.mp4

15:04

5. Mapping Identifying Implemented Technologies

1. Identifying Implemented Technologies.mp4

01:11

2. Tools for Identifying Implemented Technologies.mp4

02:06

3. Demo Identifying Technology.ts

24:28

6. Mapping Architectural Design Patterns

1. Architectural Design Patterns.mp4

11:40

2. Identifying Architectural Design Pattern.mp4

02:26

3. M6c3.mp4

00:32

4. Demo Identifying Architectural Design Patterns.mp4

13:21

5. Outro.mp4

00:24

Description

Understanding the target is a critical component of any offensive operation. This course will teach you how to gain a thorough understanding of web applications in order to maximize the potential for vulnerability discovery.

What You'll Learn?

Understanding web applications from a user’s perspective is critical to establishing a foundation for vulnerability discovery. In this course, Web App Pen Testing: Mapping, you’ll learn how to analyze applications from a user's perspective to gain a thorough understanding of why and how applications are built while simultaneously resolving known attack surfaces. First, you’ll learn to create site maps through manual and automated techniques while gaining a functional understanding of applications. Next, you’ll explore techniques for identifying technologies implemented on both the server and client-side of applications. Finally, you’ll learn about architectural design patterns, how they affect the Web App Pen Testing methodology, and how to determine the pattern applied to build an application. When you’re finished with this course, you’ll have the skills and knowledge of Mapping web applications needed to maximize the potential for vulnerability discovery in the next step of the methodology.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Ethical Hacking

Penetration Testing

Tim Tomes

Instructor's Courses

Tim is a believer, husband, father, veteran, software developer, web application security engineer, and the founder of PractiSec (Practical Security Services). With extensive experience in web application security and software development, Tim currently conducts consultative engagements, manages multiple open source software projects (Recon-ng Framework, the HoneyBadger Geolocation Framework, PwnedHub, etc.), writes technical articles (lanmaster53.com), and frequently instructs and presents on security topics independently and at major information security conferences (DerbyCon, ShmooCon, DefCon, Black Hat, and Wild West Hackin' Fest, etc.). Tim is an industry leader in all things Burp Suite Pro, a Portswigger Preferred Burp Trainer, and an expert in making HTTP requests tremble.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.