TCM Security – Practical Web Hacking
Free Download TCM Security – Practical Web Hacking
Last updated 8/2024
MP4 | Video: h264, 1920x1080 | Audio: AAC, 44.1 KHz, 2 Ch
Genre: eLearning | Language: English | Duration: 59 Lessons ( 9h 3m ) | Size: 1.2 GB
Expand your knowledge and skills in web application hacking with this intermediate course.
Welcome to this course on Practical Web Hacking. This course follows on from the Practical Bug Bounty course and will take you deeper into the world of finding and exploiting vulnerabilities in web applications. It's recommended that you have completed the Practical Bug Bounty course or at least one year's worth of experience in hacking web applications before you take this course. In this course, you will develop a deeper understanding of how web attacks work, learn to craft custom payloads and build a methodology for finding and exploiting more complex vulnerabilities.
Requirements
Completion of the Practical Bug Bounty course OR 1 years web hacking experience
A positive attitude
Course objectives
Understand how web applications and their various components work
Understand common and intermediate attacks against web applications
Ability to identify potential weaknesses and vulnerabilities in web applications
Ability to craft payloads to exploit an identified vulnerability
Target audience
Practical Web Hacking is aimed at those who want to understand, find and exploit vulnerabilities within web applications for penetration testing and bug bounty hunting. This is an intermediate course so an understanding of web applications and basic attacks is required. If you're new to web application security testing then we recommend you take the Practical Bug Bounty course first. This course is also ideal for experienced network penetration testers who want to improve their web application testing skills.
System requirements
A computer able to run a Linux virtual machine
The course will cover
How web applications work
Authentication attacks
Broken access control
Server-side request forgery
Advanced SQL injection attacks and NoSQL injection
File inclusion
XML External Entity Injection
XSS and filter bypasses
Attacking JSON Web Tokens
Mass assignment
Open redirects
Race conditions
Capstone challenge
By the end of the course you will have a good understanding of how these attacks work, be able to find them in situations that are not immediately obvious or overlooked by automated scans and fuzzing. Be able to modify and craft custom payloads to bypass filters or achieve exploitation in unusual circumstances.
Homepage
https://academy.tcm-sec.com/p/practical-web-hackingNo Password - Links are Interchangeable
