Home>Courses>Web Application Penetration Testing

Web Application Penetration Testing

This is Web Penetration Testing Course.

Intermediate

62 Lessons

16h

Certificate of Completion

This is Web Penetration Testing Course.

AI-POWERED

Explanations

AI-POWERED

Explanations

This course includes

41 Playgrounds

11 Quizzes

Course Overview

What You'll Learn

Course Content

Apply Your Skills

Recommendations

Course Overview

This course is intended for people interested in information security—particularly in the penetration testing of various websites—to identify the security flaws present in the majority of newly developed websites and how to fix them. You will learn web penetration testing techniques using the Kali Linux operating system. You will be introduced to Python programming, web server technology, network management, open source intelligence, cross-site scripting, SQL injection, authentication and authorization in...Show More

What You'll Learn

Working knowledge of finding and exploiting vulnerabilities in a web application

The ability to scan and assess a web application

Hands-on experience in identifying risks with penetration testing tools

Mastery of protecting web applications by applying solid mitigation strategies

Working knowledge of finding and exploiting vulnerabilities in a web application

Course Content

Introduction to the Course

1 Lessons

Get familiar with web app security, vulnerability assessment, and ethical penetration testing principles.

Getting Started

Introduction to Linux

10 Lessons

Get started with essential Linux commands, file systems, text manipulation, Git, software, permissions, Bash, logging, and kernel management.

Linux Commands

Linux File System

Text Manipulation

Git and Git Version Control

Software Management

Permissions and Process Management

Bash Scripting

System Logging

Linux Kernel and Loadable Modules

Quiz Yourself on Basic Linux Commands

Introduction to Python

5 Lessons

Explore the essentials of Python basics, variables, functions, control flow, and scripting.

Python Basics

Variables, Functions, and Lists

Control Flow

Python Scripting

Quiz Yourself on Python Basics

Web and Server Technology

6 Lessons

Break down the steps to understanding HTTP/S, Apache, web encoding, cookies, and proxies.

HTTP/S Protocol Basics

Running a Web Server with Apache

Web Encoding

Proxies

Quiz Yourself on Web and Server Technology

Network Management and Analysis

5 Lessons

Understand network management, modify network details, and analyze traffic using essential tools.

Network Analysis Using ifconfig and iwconfig

Modification of Network Information

Modification of Domain Name System

Wireshark

Quiz Yourself on Network Management and Analysis

Open-Source Intelligence

5 Lessons

Focus on OSINT techniques, web fingerprinting, Google hacking, and Shodan for gathering information.

Gathering Information on a Target

Web Fingerprinting Infrastructure

Google Hacking

Shodan

Quiz Yourself on Open-Source Intelligence

Cross-Site Scripting

4 Lessons

Master protecting web applications from XSS attacks through understanding, exploiting, and mitigating techniques.

Cross-Site Scripting Basics

XSS Exploitation

Mitigation of XSS

Quiz Yourself on Cross-Site Scripting

SQL Injection

4 Lessons

Break down SQL injection techniques, detection tools, exploitation methods, and mitigation strategies.

Introduction to SQL Injection

Automatically Finding SQL Injections

Exploiting and Mitigating SQL Injections

Quiz Yourself on SQL injection

Authentication and Authorization

5 Lessons

Unpack the core of authentication and authorization concepts, vulnerabilities, exploitation, and mitigation strategies.

Fundamentals of Authentication and Authorization

Common Vulnerabilities

Bypassing Authentication and Authorization

Mitigation Strategies

Quiz Yourself on Authentication and Authorization

10.

Cross-Site Request Forgery

4 Lessons

Go hands-on with discovering, exploiting, and mitigating Cross-Site Request Forgery vulnerabilities.

Cross-Site Request Forgery

Exploiting and Finding CSRF Vulnerabilities

Mitigation of Cross-Site Request Forgery

Quiz Yourself on Cross-Site Request Forgery

11.

Social Engineering Attacks

6 Lessons

Build a foundation in social engineering tactics, tools, and mitigation strategies.

Social Engineering

Social-Engineer Toolkit (SET)

Man-in-the-Middle (MITM) Attacks

A Deeper Look at Phishing

Mitigation of Social Engineering

Quiz Yourself on Social Engineering

12.

Broader Security Concepts

6 Lessons

Explore broader security concepts, including privacy, DoS attacks, auditing, and Security Operations Centers.

Security, Anonymity, and Privacy

Denial-of-Service

Auditing Web Services

Auditing Strategies

Security Operations Center (SOC)

Quiz Yourself on Broader Security Concepts

13.

Wrapping Up

1 Lessons

Focus on challenges, persistence, and skills growth in web application penetration testing.

Conclusion

Course Author

OCHIENG' BOSTONE

Project

Penetration Testing with Metasploit

intermediate

1 hour

Project

Penetration Testing with Metasploit

This project uses Metasploit for penetration testing, finding vulnerabilities, exploiting them, and using Metasploit’s features for security assessments.

intermediate

1 hour

Trusted by 2.5 million developers working at companies

"These are high-quality courses. Trust me. I own around 10 and the price is worth it for the content quality. EducativeInc came at the right time in my career. I'm understanding topics better than with any book or online video tutorial I've done. Truly made for developers. Thanks"

Anthony Walker

@_webarchitect_

"Just finished my first full #ML course: Machine learning for Software Engineers from Educative, Inc. ... Highly recommend!"

Evan Dunbar

ML Engineer

"You guys are the gold standard of crash-courses... Narrow enough that it doesn't need years of study or a full blown book to get the gist, but broad enough that an afternoon of Googling doesn't cut it."

Carlos Matias La Borde

Software Developer

"I spend my days and nights on Educative. It is indispensable. It is such a unique and reader-friendly site"

Souvik Kundu

Front-end Developer

"Your courses are simply awesome, the depth they go into and the breadth of coverage is so good that I don't have to refer to 10 different websites looking for interview topics and content."

Vinay Krishnaiah

Software Developer

"I've tried probably 5-7 different sites and Educative is easily the best. It perfectly blends explanation with interactivity"

Eric Downs

Musician/Entrepeneur

Hands-on Learning Powered by AI

See how Educative uses AI to make your learning more immersive than ever before.

Instant Code Feedback

Evaluate and debug your code with the click of a button. Get real-time feedback on test cases, including time and space complexity of your solutions.

AI-Powered Mock Interviews

Put your skills to the test in a simulated interview setting. Receive personalized feedback based on your performance. Available in Premium & Premium Plus plans.

Adaptive Learning

At various checkpoints throughout Educative courses, you will be prompted to take a quick assessment. Receive a condensed curriculum tailored to your strengths and skill gaps.

Explain with AI

Select any text within any Educative course, and get an instant explanation — without ever leaving your browser.

AI Code Mentor

AI Code Mentor helps you quickly identify errors in your code, learn from your mistakes, and nudge you in the right direction — just like a 1:1 tutor!

Recommended before starting this course

Course

Cyber Security Best Practices for Developers

TBA

beginner

4 hours

Course

Web Application Security: Understanding HTTP Security Headers

beginner

1 hour 10 mins

Course

JakartaEE Security Workshop