Digital Download Immediately
Web Application Penetration Testing: Learning from a Tester’s Prespective - PHMC SECURITIES
First Section
Gathering Information
- Nmap Introduction (8:23)
- Different Types of Nmap Scans (Theory) (5:50)
- Different Type of Nmap Scan (Demo) (4:38)
- Different Type of Nmap Scans 2 (4:44)
- Banner Grabbing Using nmap (4:05)
- Enumerating Directories using DirBuster (4:26)
- Enumerating SubDomain (10:24)
Pentesting Lab Setup
- Setting Up the Enviornment (3:29)
- Setting Up the Enviornment 2 (4:30)
Configuration And Deployment Management Testing
- HTTP Strict Transport Security (2:51)
- Enumerating Juicy Endpoints (4:10)
Input Validation Testing
- What you will learn in This Section (0:58)
- HTML Injection (6:22)
- XSS (10:52)
- Different Type of XSS (12:40)
- HTTP parameter Pollution (6:10)
- SQL Injection (5:56)t
- Local File Inclusion (6:01)
- Directory Traversal (7:39)
- Command Injection (7:27)
Authentication Testing
- Broken Authentication (11:54)
- Authentication Issues 1 (8:18)
- Authentication Issue 2 (7:46)
Session Management Testing
- What You will Learn in This Section (0:30)
- Cookie Attributes (8:37)
- Testing for Weak Session ID (4:31)
- Session Management 1 (9:21)
- Session Management 2 (5:25)
File Upload and Redirects
- Unrestricted File Uploads (6:51)
- Unvalidated Forwards and Redirects (6:02)
Some Other Important issues
- CSRF (8:45)
- IDOR (7:35)
- CORS (8:30)
