In this ethical hacking course you'll learn how to exploit the vulnerabilities found in web applications and web servers following the OWASP Testing Guide framework, used by companies all over the world to perform web penetration testing engagements. A vulnerable virtual machine, Web Sec Target Practice, is provided with the course for you to practice the various phases of the penetration testing engagement.
We'll predominantly use the Burp Suite Community edition and open source Kali tools throughout the entire course to test the infrastructure of the web server, brute force authentication forms, tamper with header attributes, perform XSS, SQL, command injections and other types of injections. We'll also develop a buffer overflow exploit step by step.
What will students achieve or be able to do after taking your course?
What knowledge & tools are required?