Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Web App Penetration Testing Tutorials

HackerSploit via YouTube

Overview

Dive into a comprehensive 12-hour tutorial series on web application penetration testing. Learn essential techniques and tools for identifying vulnerabilities in web applications. Master the use of Burp Suite for spidering, brute force attacks, and proxy configuration. Explore web application firewall detection with WAFW00F, hidden file discovery using ZAP, and WordPress vulnerability scanning. Gain hands-on experience with various attack vectors including XSS, CSRF, SQL injection, and directory traversal. Practice with popular platforms like OWASP Juice Shop and bWAPP. Discover advanced topics such as Docker for pentesting, Google dorking, and exploiting S3 bucket misconfigurations. Understand HTTP fundamentals, URL structures, and server-side technologies. Perfect for aspiring penetration testers and security professionals looking to enhance their web application security skills.

Syllabus

Web App Penetration Testing - #1 - Setting Up Burp Suite.
Web App Penetration Testing - #2 - Spidering & DVWA.
Web App Penetration Testing - #3 - Brute Force With Burp Suite.
Web App Penetration Testing - #4 - Web Application Firewall Detection With WAFW00F.
Web App Penetration Testing - #5 - Target Scope And Spidering.
Web App Penetration Testing - #6 - Discovering Hidden Files With ZAP.
Web App Penetration Testing - #7 - WordPress Vulnerability Scanning & Username Enumeration.
Web App Penetration Testing - #9 - Load Balancer Scan.
Web App Penetration Testing - #10 - XSS(Reflected, Stored & DOM).
Web App Penetration Testing With Zap - #11 - Configuring The Proxy.
Web App Penetration Testing - #12 - DirBuster.
Web App Penetration Testing - #13 - CSRF (Cross Site Request Forgery).
How To Install OWASP Juice Shop.
Web App Penetration Testing - #14 - Cookie Collection & Reverse Engineering.
Web App Penetration Testing - #15 - HTTP Attributes (Cookie Stealing).
OWASP Juice Shop - SQL Injection.
DotDotPwn - Directory Traversal Fuzzing.
Bug Bounty Hunting - iframe Injection & HTML Injection.
Heartbleed Exploit - Discovery & Exploitation.
Bug Bounty Hunting - PHP Code Injection.
bWAPP - HTML Injection - Reflected POST.
bWAPP - HTML Injection - Stored (Blog).
bWAPP - OS Command Injection With Commix (All levels).
bWAPP - Server-Side Include (SSI) Injection.
Docker For Pentesting And Bug Bounty Hunting.
Docker For Pentesting On Windows [Cybersecurity].
OverTheWire Natas Walkthrough - Level 0 - 4.
OverTheWire Natas Walkthrough - Level 5 - 10 (LFI & Command Injection).
Google Dorks For Penetration Testing.
Apache2 ModSecurity Tutorial | Apache2 WAF.
Nginx ModSecurity Tutorial | Nginx WAF.
Dumping S3 Buckets | Exploiting S3 Bucket Misconfigurations.
Fuzzing & Directory Brute-Force With ffuf.
Log4J - CVE 2021-44228 (Log4Shell) - Exploitation & Mitigation.
Web App Penetration Testing - Course Introduction.
Web App Penetration Testing - Introduction To HTTP.
Web App Pentesting - HTTP Headers & Methods.
Web App Pentesting - Setting Up OWASP bWAPP With Docker.
Web App Pentesting - URL Structure.

Taught by

HackerSploit

Reviews

3.0 rating, based on 1 Class Central review

Start your review of Web App Penetration Testing Tutorials

  • Well interesting but at least you people should do it as a theory and not in video format.
    You know not everyone will like to be watching videos that's why a theory work should be done as soon as possible
    Thanks

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.