Moocable is learner-supported. When you buy through links on our site, we may earn an affiliate commission.
Information Security

Penetration Testing: Advanced Web Testing

via LinkedIn Learning

Description

Take your pen testing skills to the next level. Learn how to locate and exploit website vulnerabilities with Burp Suite, sqlmap, DIRB, and more.

Tags
Python Programming Enterprise Resource Planning (ERP) MLOps Norwegian

Syllabus

Introduction
  • Protecting your websites
  • What you should know before watching this course
  • Disclaimer
1. Website Scanning
  • Understanding websites
  • Identifying virtual websites
  • Using Burp Suite as a proxy
  • Busting open a website
  • Busting with DirBuster
  • Enumerating with WhatWeb and DirScanner
  • Enumerating with DIRB and Wfuzz
  • Crawling or spidering
  • Scanning at scale
2. Finding Vulnerabilities
  • Assessing websites with Nikto
  • Using the Metasploit WMAP scanner
  • Using sqlmap to find SQL injections
  • Skip fishing the site
  • Scanning for vulnerabilities with Nessus
  • Using test cases to manage security testing
3. Attacking the Website
  • A refresher on website shell implants
  • Uploading an ASPX shell using Cadaver
  • Coping with a calamity
  • Exploiting with phpbash
  • Exploiting Node.js
  • Injecting SQL using Burp Suite
  • Breaking into the bank
  • More ways into the bank
  • Owning the bank
  • Entering Europa
  • Owning Europa
  • Jenkins and Groovy scripting
  • Taking over the gym
4. Content Management Testing
  • Learning the basics of content management
  • Getting into WordPress
  • Penetrating WordPress
  • Getting Joomla Administrator
  • Shelling Joomla
  • Taking down the enterprise
Conclusion
  • What's next

Start Learning Find study partner
Online Course
Information Security

Penetration Testing: Advanced Web Testing

via LinkedIn Learning
Start Learning Find study partner
Affiliate notice

Take your pen testing skills to the next level. Learn how to locate and exploit website vulnerabilities with Burp Suite, sqlmap, DIRB, and more.

Introduction
  • Protecting your websites
  • What you should know before watching this course
  • Disclaimer
1. Website Scanning
  • Understanding websites
  • Identifying virtual websites
  • Using Burp Suite as a proxy
  • Busting open a website
  • Busting with DirBuster
  • Enumerating with WhatWeb and DirScanner
  • Enumerating with DIRB and Wfuzz
  • Crawling or spidering
  • Scanning at scale
2. Finding Vulnerabilities
  • Assessing websites with Nikto
  • Using the Metasploit WMAP scanner
  • Using sqlmap to find SQL injections
  • Skip fishing the site
  • Scanning for vulnerabilities with Nessus
  • Using test cases to manage security testing
3. Attacking the Website
  • A refresher on website shell implants
  • Uploading an ASPX shell using Cadaver
  • Coping with a calamity
  • Exploiting with phpbash
  • Exploiting Node.js
  • Injecting SQL using Burp Suite
  • Breaking into the bank
  • More ways into the bank
  • Owning the bank
  • Entering Europa
  • Owning Europa
  • Jenkins and Groovy scripting
  • Taking over the gym
4. Content Management Testing
  • Learning the basics of content management
  • Getting into WordPress
  • Penetrating WordPress
  • Getting Joomla Administrator
  • Shelling Joomla
  • Taking down the enterprise
Conclusion
  • What's next

Tags

Python Programming Enterprise Resource Planning (ERP) MLOps Norwegian

Quick Links

Browse by subject

Browse by provider

Browse by university

Browse by publisher

Browse by institution

Roadmaps

Posts