Find out about the protocols used to access websites, and how to test websites and web applications to prevent exploitation through cyberattacks.
Syllabus
Introduction
- Testing to make sure your website is safe
- What you should know
- Disclaimer
- Elements of web-based applications
- Introduction to web servers
- Dissecting the HTTP/HTTPS protocol
- Moving on to WebSockets
- Looking at the Google QUIC protocol
- Understanding cookies
- Introducing HTML
- Visiting OWASP
- Web access APIs
- Introducing the Zero Bank
- Installing the WebGoat Server
- Introducing Burp Suite
- Scanning with ZAP
- Proxying with ZAP
- Introducing WebScarab
- Fingerprinting web servers
- Looking for credentials in HTML code
- Using Cookie Jars
- Hijacking sessions with cookies
- Manipulating URL parameters
- Testing for SQL injections
- Cross-site scripting
- Injecting commands through the URL
- Testing with Uniscan
- Using the ModSecurity WAF
- Practicing with online banking websites
- Hacking the cheese
- Training in the Web Security Dojo
- Next steps
Taught by
Malcolm Shore