Get your free t-shirt by signing up.

    About Course

    Are you a beginner and looking to break into the AppSec field? Don't know where to start your Application Security journey? Curious to know what it takes to get started with Bug Bounties? Then, this course is a great start for you. This practical web application penetration testing course is suitable for beginners and it covers a wide range of common web application attacks. Once you get the foundations right, you can build your skills on your own from there. This entry-level web security course also provides a custom web application developed in Java specifically for this course. In addition to it, the course also covers some challenges in a publicly available vulnerable web application. The course provides necessary background details to the concepts wherever necessary.

    Following are some of the topics covered in this course:

    • Web Application Architecture
    • HTTP Requests and Responses
    • SQL Injection - Authentication Bypass
    • Manually Exploiting Error Based SQL Injection
    • SQLMap for exploiting SQL Injection
    • Cross Site Scripting - Reflected, Stored and DOM Based
    • Cross Site Request Forgery
    • Broken Cryptography
    • Access Control Issues
    • Arbitrary File Uploads
    • XPATH Injection
    • XML External Entity (XXE) Injection
    • Command Execution via Security Misconfigurations
    • Command Execution via outdated software
    • Java Deserialization
    • Improper Error Handling
    • Automated Vulnerability Scanning
    • Burp Suite Community

    You will learn the following for most vulnerabilities discussed in the course.

    • Identifying a vulnerability
    • How to exploit an identified vulnerability
    • How to prevent the discussed vulnerability

    [IMPORTANT NOTE]:

    The Initial Version of the course is launched and it will be updated regularly for next three week with new modules


    Curriculum


      Course Introduction
    Available in days
    days after you enroll
      Introduction
    Available in days
    days after you enroll
      Lab Setup
    Available in days
    days after you enroll
      SQL Injection
    Available in days
    days after you enroll
      Same Origin Policy
    Available in days
    days after you enroll
      Cross Site Scripting
    Available in days
    days after you enroll
      Cross Site Request Forgery (CSRF)
    Available in days
    days after you enroll
      XML Vulnerabilities
    Available in days
    days after you enroll
      Access Control Issues
    Available in days
    days after you enroll
      File Upload Vulnerabilities
    Available in days
    days after you enroll
      Platform Misconfigurations
    Available in days
    days after you enroll
      Improper Error Handling
    Available in days
    days after you enroll
      Java Deserialization
    Available in days
    days after you enroll
      Broken Cryptography
    Available in days
    days after you enroll
      Automated Vulnerability Scanning
    Available in days
    days after you enroll

    Choose a Pricing Option