Course Content
Introduction
0/2
welcome
09:54
Course Structure
01:37
1: Setup
0/5
Lab Setup Overview
00:00
Lab Setup – Hyper-V
00:00
Lab Setup – VirtualBox
00:00
Lab Setup – Kali Linux
00:00
Lab Setup – Docker
00:00
2: Web Application Concepts
0/10
Servers and Clients
00:00
Lab – Nginx and Server Logs
00:00
HTTP
00:00
The Web Trinity
00:00
HTML
00:00
CSS
00:00
JavaScript
00:00
Lab – Alert Button
00:00
ZAP Intro
00:00
Lab – ZAP Enumeration
00:00
3: Server-Side Webapps
0/5
PHP
00:00
Lab – PHP with Docker
00:00
Server Side Security Considerations
00:00
Lab – WordPress
00:00
Lab – DVWA
00:00
4: The OWASP Top 10
0/14
OWASP Overview
00:00
Broken Access Control
00:00
Cryptographic Failures
00:00
Injection – XSS
00:00
Injection – SQLI
00:00
Injection – Command Injection
00:00
Insecure Design
00:00
Security Misconfiguration
00:00
Vulnerable and Outdated Components
00:00
Identification and Authentication Failures
00:00
Software and Data Integrity Failures
00:00
Security Logging and Monitoring Failures
00:00
Server-Side Request Forgery
00:00
Extra Practice
00:00
5: Client-Side Webapps
0/3
Client-Side Webapp Intro
00:00
Lab – Juice Shop
00:00
Frontend Considerations
00:00
6: Webapp Pentesting Methodology
0/5
Preparation
00:00
Scoping
00:00
Enumeration
00:00
Manual Testing
00:00
Automated Attacks
00:00
7: Juice Shop Pentest
0/8
Automatic Enumeration
00:00
Manual Enumeration
00:00
Discoveries
00:00
Login/Authentication
00:00
Purchasing
00:00
Customer Support
00:00
Additional API Testing
00:00
Legacy Code
00:00
8: Reporting
0/2
Report Structure
00:00
Writing Tips
00:00
9: Final Thoughts
0/2
Exhibition of Mastery
00:00
Next Step
00:00
Practical Web Application Security & Testing
Join the conversation
Previous
Next
0% Complete
Ask ChatGPT
Set ChatGPT API key
Find your Secret API key in your ChatGPT User settings and paste it here to connect ChatGPT with your Tutor LMS website.