Ethical Hacking: Hacking Web Applications
Pluralsight is not an official partner or accredited training center of EC-Council. Understanding how to detect and identify risks in your web applications is absolutely critical. This course goes through the risks in depth.
What you'll learn
Pluralsight is not an official partner or accredited training center of EC-Council. The security profile of web applications is enormously important when it comes to protecting sensitive customer data, financial records, and reputation. Yet, web applications are frequently the target of malicious actors who seek to destroy these things by exploiting vulnerabilities in the software. Most attacks against web applications exploit well known vulnerabilities for which tried and tested defenses are already well-established. Learning these patterns – both those of the attacker and the defender – is essential for building the capabilities required to properly secure applications on the web today. In this course, we'll look a range of different security paradigms within web applications both conceptually and in practice. They'll be broken down into detail, exploited, and then discussed in the context of how the attacks could have been prevented. This course is part of the Ethical Hacking Series. http://blog.pluralsight.com/learning-path-ethical-hacking
Table of contents
- Overview 3m
- The State of Web Application Security 4m
- Understanding Web Application Security 6m
- Query Strings, Routing, and HTTP Verbs 9m
- The Discoverability of Client Security Constructs 4m
- Protections Offered by Browsers 9m
- What the Browser Can't Defend Against 2m
- What's Not Covered in This Course 1m
- Summary 2m
- Overview 2m
- Spidering with NetSparker 6m
- Forced Browsing with Burp Suite 9m
- Directory Traversal 4m
- Banner Grabbing with Wget 3m
- Server Fingerprinting with Nmap 4m
- Discovery of Development Artefacts with Acunetix 4m
- Discovery of Services via Generated Documentation 4m
- Discovering Framework Risks 3m
- Identifying Vulnerable Targets with Shodan 2m
- Summary 2m
About the author
Troy Hunt is a Microsoft Regional Director and MVP for Developer Security, an ASPInsider, and a full time Author for Pluralsight—a leader in online training for technology and creative professionals. Troy has been building software for browsers since the very early days of the web and possesses an exceptional ability to distill complex subjects into relatable explanations. This has led Troy to become an industry thought leader in the security space and produce more than twenty top-rated courses ... more