Ethical Hacking: Hacking Web Servers and Web Applications

English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 1h 25m | 247 MB

Websites and web applications are—by their very nature—accessible remotely, which puts them at high risk of cyberattacks. Knowing how to detect and prevent web attacks is a critical skill for developers and information security professionals alike. In this course, find out how to test your sites and applications for weaknesses. Cybersecurity expert Malcolm Shore examines the various parts of a web application and introduces the Open Web Application Security Project (OWASP), which provides documentation, tools, and forums for web developers and testers. He also provides an overview of popular testing tools, including Burp Suite and OWASP ZAP. Learn how to use these utilities to run basic and advanced tests, and protect sites against common attacks.

Topics include:

  • Key elements of web-based applications
  • Working with cookies
  • Web testing with WebGoat and Burp Suite
  • Running basic tests, such as fingerprinting web servers
  • Advanced testing, including testing for SQL injections

Table of Contents

1 Understanding web testing
2 What you should know
3 Disclaimer
4 Elements of web-based applications
5 Dissecting the HTTP/HTTPS protocol
6 Moving on to WebSockets
7 Looking at the Google QUIC protocol
8 Understanding cookies
9 Introducing HTML
10 Visiting OWASP
11 Introducing the Zero Bank
12 Installing the WebGoat Server
13 Introducing Burp Suite
14 Scanning with ZAP
15 Proxying with ZAP
16 Introducing WebScarab
17 Fingerprinting web servers
18 Looking for credentials in HTML code
19 Using cookie jars
20 Hijacking sessions with cookies
21 Manipulating URL parameters
22 Testing for SQL injections
23 Cross-site scripting
24 Injecting commands through the URL
25 Testing with Uniscan
26 Practicing with online banking websites
27 Hacking the cheese
28 Training in the Web Security Dojo
29 Next steps