Gain insights into web app vulnerabilities and attack methods, delve into penetration testing with Kali Linux, and explore tools for enhancing information security using Python, web tech, and network management.

webpen.tar.gz

shodan_api

Wireshark

chrome

Burp

frog

proxychains

encoder

setoolkitChrome

chromeShark

juiceshop

BurpChrome

This course is intended for people interested in information security—particularly in the penetration testing of various websites—to identify the security flaws present in the majority of newly developed websites and how to fix them. 

You will learn web penetration testing techniques using the Kali Linux operating system. You will be introduced to Python programming, web server technology, network management, open source intelligence, cross-site scripting, SQL injection, authentication and authorization in systems, cross-site request forgery, social engineering attacks, and concepts in information security management. 

Your knowledge of the various web application vulnerabilities and attack methods will be enhanced after taking this course. You will get hands-on experience with many tools used in online penetration testing in cyber security.

Web Application Penetration Testing

# Introduction to fingerprinting

**Fingerprinting** is a technique used by different companies to identify their users through the websites they access. This is sometimes referred to as **browser fingerprinting**. When we browse the internet, the browser gives away a lot of our information simply because the websites request it and we grant permission. Sometimes, they don't even ask for permission. Furthermore, somewhat like third-party cookies, websites give users unique identities that help in the tracking process. This information includes but is not limited to: 

- Browser type
- Browser version
- Language being used
- Time zone
- Specifications of the computer, monitor, and peripherals 
- Plug-ins and extensions installed 

The information given by the browser doesn't directly identify users, but with the use of information gathering techniques, like the one learned from the OSINT process, we could uniquely identify the different users on the internet.

# Browser fingerprinting

If we care about privacy, we should be concerned about fingerprinting. There are a number of ways this can be mitigated, but they're not foolproof. The Tor Browser makes us a more unique target considering its infamy. Mozilla's Firefox combats browser fingerprinting by blocking all requests made to third-party sites that are known for intrusive fingerprinting, but they only block the ones they're aware of. Finally, VPNs and proxies and the like can't block the more determined fingerprinting techniques.

[Am I Unique](https://amiunique.org/) provides developers with data to help them build defense mechanisms against browser fingerprinting. It collects and showcases the same information that websites collect as we surf the internet. The less unique you are, the better.

Learn what web application fingerprinting entails.

Introduction to the Course

Introduction to Linux

Introduction to Python

Web and Server Technology

Network Management and Analysis

Open-Source Intelligence

Cross-Site Scripting

SQL Injection

Authentication and Authorization

Cross-Site Request Forgery

Social Engineering Attacks

Broader Security Concepts

Wrapping Up

Web Fingerprinting Infrastructure

Introduction to fingerprinting