Course curriculum

  • INTRODUCTION

    • The Course Overview
    • Understanding Web Application Penetration Testing Process
    • Typical Web Application Toolkit
    • Testing Environment
    • INTRODUCTION : Quiz

  • INTERACTING WITH WEB APPLICATIONS

    • HTTP Protocol Basics
    • Anatomy of an HTTP Request
    • Interacting with Web Apps Using Requests Library
    • Analyzing the Responses
    • INTERACTING WITH WEB APPLICATIONS : Quiz

  • WEB CRAWLING WITH SCRAPY

    • Web Application Mapping
    • Creating a Crawler with Scrapy
    • Recursive Crawling
    • Extracting Information
    • WEB CRAWLING WITH SCRAPY : Quiz

  • RESOURCES DISCOVERY

    • What is Resource Discovery?
    • Building Our First Brute Forcer
    • Analyzing the Results
    • Adding More Information
    • Taking Screenshots of the Findings
    • RESOURCES DISCOVERY : Quiz

  • PASSWORD TESTING

    • How Password Attacks Work?
    • Our First Password Brute Forcer
    • Adding Support for Digest Authentication
    • Form-based Authentication
    • PASSWORD TESTING : Quiz

  • DETECTING AND EXPLOITING SQL INJECTION VULNERABILITIES

    • SQL Injection Vulnerability
    • Detecting SQL Injection Issues
    • Exploiting a SQL Injection to Extract Data
    • Advanced SQLi Exploiting

  • INTERCEPTING HTTP REQUESTS

    • HTTP Proxy Anatomy
    • Introduction to mitmproxy
    • Manipulating HTTP Requests
    • Automating SQLi in mitmproxy
    • Wrapping Up

  • End of Course Final Quiz

    • Learning Python Web Penetration Testing : Final Quiz

  • End of Course Survey

    • End of Course Survey