About This Course
The contents of this course are not covered in any of my other courses except for some basics. Although website hacking is covered in one of my other courses, that course only covers the basics where this course dives much deeper in this topic covering more techniques, more vulnerabilities, advanced exploitation, advanced post exploitation, bypassing security and more!
Welcome to my this comprehensive course on Website penetration testing. In this course you’ll learn website / web applications hacking & Bug Bounty hunting! This course assumes you have NO prior knowledge in hacking, and by the end of it you’ll be at a high level, being able to hack & discover bugs in websites like black-hat hackers and secure them like security experts!
This course is highly practical but it won’t neglect the theory, first you’ll learn how to install the needed software (on Windows, Linux and Mac OS X) and then we’ll start with websites basics, the different components that make a website, the technologies used, and then we’ll dive into website hacking straight away. From here onwards you’ll learn everything by example, by discovering vulnerabilities and exploiting them to hack into websites, so we’ll never have any dry boring theoretical lectures.
Before jumping into hacking, you’ll first learn how to gather comprehensive information about the target website, then the course is divided into a number of sections, each section covers how to discover, exploit and mitigate a common web application vulnerability, for each vulnerability you will first learn the basic exploitation, then you will learn advanced techniques to bypass security, escalate your privileges, access the database, and even use the hacked websites to hack into other websites on the same server.
All of the vulnerabilities covered here are very common in bug bounty programs, and most of them are part of the OWASP top 10.
You will learn how and why these vulnerabilities are exploitable, how to fix them and what are the right practices to avoid causing them.
Introduction of Web Application Penetration Testing
Introduction of Web Application6:33
Top 10 Owasp8:05
Setup environment for web application penetration testing
Overview of Hacking Lab3:33
Installing Metasploitable2 as a virtual machine6:00
Overview of DVWA Lab2:56
Preparation – Linux Basics
Basics Command of Kali Linux13:46
Roadmap of Information Gathering5:12
Information Gathering with Dmitry2:47
Whois lookup using kali linux00:00:00
Fierce subdomain scanner00:00:00
Gathering Details about mail server and name server00:00:00
Burpsuite – Penetration testing toolkit.
Downloading Burpsuite And Configure00:00:00
Overview of Burpsuite tool – Proxy00:00:00
Repeater – Burpsuite00:00:00
Target Sitemap – Burpsuite00:00:00
Cross Site Scripting Vulnerability
Overview of XSS Vulnerability00:00:00
Basic Cross Site Scripting (XSS)00:00:00
Basic XSS on Lab00:00:00
Manual Building XSS Vector00:00:00
Bypass XSS Filter00:00:00
XSS On Live Website00:00:00
XSS Live Hunting Part 100:00:00
XSS Live Hunting Part 200:00:00
Reflected XSS Vs Stored XSS00:00:00
Exploitation of XSS – URL Redirection00:00:00
Exploitation of XSS – Phishing00:00:00
Exploitation of XSS – Cookie Stealing00:00:00
SQL Injection Vulnerability
File Upload Vulnerability
File Upload Vulnerability – Exploitation
URL Redirection Vulnerability
HTML Injection Vulnerability
File Inclusion Vulnerability
Command Injection Vulnerability
Source Code Disclosure
Server Side Request Forgery
Host Header Injection Vulnerability
Critical File Found Vulnerability
Founder & CEO