وب سایت تخصصی شرکت فرین
دسته بندی دوره ها

Web Application Penetration Testing Professional (eWPTv2)

سرفصل های دوره

SECTION 1 - Learning Path Introduction
  • 1. Introduction

  • SECTION 2 - Introduction to Web App Security Testing
  • INE-Introduction-to-Web-Application-Security-Testing-Course-File.zip
      Module 1 - Welcome
    • 1. Course Introduction
      Module 2 - Overview
    • 1. Introduction to Web Application Security
    • 2. Web Application Security Testing
    • 3. Common Web Application Threats & Risks
      Module 3 - Architecture & Components
    • 1. Web Application Architecture
    • 2. Web Application Technologies - Part 1
    • 3. Web Application Technologies - Part 2
      Module 4 - Fundamentals
    • 1. Introduction to HTTP
    • 2. HTTP Requests - Part 1
    • 3. HTTP Requests - Part 2
    • 4. HTTP Responses
    • 5. HTTP Basics Lab - Part 1
    • 6. HTTP Basics Lab - Part 2
    • 7. Lab - HTTP Method Enumeration.zip
    • 8. HTTPS
      Module 5 - Testing Lifecycle
    • 1. Web App Pentesting Methodology
    • 2. OWASP Top 10
    • 3. OWASP Web Security Testing Guide (WSTG) - Part 1
    • 4. OWASP Web Security Testing Guide (WSTG) - Part 2
    • 5. Pre-Engagement Phase
    • 6. Documenting & Communicating Findings - Part 1
    • 7. Documenting & Communicating Findings - Part 2
      Module 6 - Goodbye
    • 1. Course Conclusion

  • SECTION 3 - Information Gathering
      Module 1 - Welcome
    • 1. Course Introduction
      Module 2 - Lessons
        1. Web Enumeration & Information Gathering
      • 1. Introduction to Web Enumeration & Information Gathering
      • 2. OWASP Web Security Testing Guide
        2. Finding Ownership & IP Addresses
      • 1. WHOIS
      • 2. Website Fingerprinting with Netcraft
      • 3. Passive DNS Enumeration
        3. Reviewing Webserver Metafiles for Information Leakage
      • 1. Reviewing Webserver Metafiles
        4. Search Engine Discovery
      • 1. Google Dorks
        5. Web App Fingerprinting
      • 1. Web App Technology Fingerprinting
      • 2. WAF Detection
        6. Source Code Analysis
      • 1. Copying Websites with HTTRack
      • 2. Website Screenshots with EyeWitness
        7. Website Crawling & Spidering
      • 1. Passive Crawling & Spidering with Burp Suite & OWASP ZAP
          2. Lab - Passive Crawling with Burp Suite
        • Overview.txt
        • Solution.pdf
        8. Web Servers
      • 1. Web Server Fingerprinting
          2. Lab - Apache Recon - Basics
        • Overview.txt
        • Solution.pdf
        9. DNS Enumeration
      • 1. DNS Zone Transfers
          2. Lab - DNS - Zone Transfer Enabled
        • Overview.txt
        • Solution.pdf
        10. Subdomains
      • 1. Subdomain Enumeration
        11. Web Server Vulnerability Scanning
      • 1. Web Server Scanning with Nikto
          2. Lab - Scanning Web Application with Nikto
        • Overview.txt
        • Solution.pdf
        12. File & Directory Enumeration
      • 1. File & Directory Brute-Force
          2. Lab - Directory Enumeration with Gobuster
        • Overview.txt
        • Solution.pdf
        13. Automated Recon Frameworks
      • 1. Automated Web Recon with OWASP Amass
      Module 3 - Goodbye
    • 1. Course Conclusion
      PDFs
    • DNS Zone Transfer.pdf
    • File Directory Brute-Force.pdf
    • INE-Web-Application-Penetration-Testing-Web-Fingerprinting-and-Enumeration.pdf
    • Passive Crawling With Burp Suite.pdf
    • Web Server Fingerprinting.pdf
    • Web Server Scanning With Nikto.pdf

    SECTION 4 - Web Proxies
  • INE-WAPT-Web-Proxies-and-Information-Gathering-Course-Files.zip
      Module 1. WAPT - Web Proxies and Web Information Gathering
        1. Introduction
      • 1. Course Introduction
        2. Web Proxies
      • 1. Introduction to Web Proxies
      Module 2 - Lessons
        2. Burp Suite
      • 1. Introduction to Burp Suite
      • 2. Burp Suite.zip
      • 2. Configuring the Burp Proxy
      • 3. Burp Suite Dashboard & UI
      • 4. Burp Suite Target & Scope
      • 5. Passive Crawling with Burp Suite
      • 7. Burp Suite Intruder
      • 9. Attacking Basic Auth with Intruder & Decoder
      • 11. Burp Suite Repeater
        3. OWASP ZAP
      • 1. Introduction to OWASP ZAP
      • 2. OWASP ZAP Dashboard & UI
      • 3. Configuring the OWASP ZAP Proxy
      • 3. OWASP ZAP.zip
      • 4. OWASP ZAP Context & Scope
      • 5. Directory Enumeration with OWASP ZAP
      • 7. Web App Scanning with OWASP ZAP
      • 9. Spidering with OWASP ZAP
      • 11. Attacking HTTP Login Forms with OWASP ZAP
      Module 3
    • 1. Course Conclusion

  • SECTION 5 - Cross-Site Scripting (XSS)
  • INE Web Application Penetration Testing XSS Attacks Course File.zip
      Module 1. Introduction
    • 1. Course Introduction
      Module 2. Lessons
        1. Introduction to XSS Attacks
      • 1. Introduction to Cross-Site Scripting (XSS)
      • 2. Javascript Primer
      • 3. Anatomy of a Cross-Site Scripting Attack
        2. Reflected XSS
      • 1. Introduction to Reflected XSS
      • 2. Reflected XSS.zip
      • 3. Exploiting Reflected XSS Vulnerabilities in WordPress
      • 5. Cookie Stealing Via Reflected XSS
        3. Stored XSS
      • 1. Introduction to Stored XSS
      • 3. Exploiting Stored XSS Vulnerabilities in MyBB Forum
      • 3. Stored XSS.zip
        4. DOM-Based XSS
      • 1. Introduction to DOM-Based XSS
      • 2. Exploiting DOM-Based XSS Vulnerabilities
        5. XSS Tools
      • 1. Identifying & Exploiting XSS Vulnerabilities with XSSer
      • 2. Lab - XSS Attack with XSSer.zip
      Module 3 - Goodbye
    • 1. Course Conclusion

  • SECTION 6 - SQL Injection
  • INE-Web-Application-Penetration-Testing-SQL-Injection-Attacks-Course-Files.zip
      0. Introduction
    • 1. Course Introduction
      1. SQL Injection Fundamentals
    • 1. Introduction to SQL Injection
    • 2. Anatomy of an SQL Injection Attack
    • 3. Types of SQL Injection Vulnerabilities
      2. Databases
    • 1. Introduction to Databases & DBMS
    • 2. Relational vs NoSQL Databases
      3. SQL Primer
    • 1. Introduction to SQL
    • 2. SQL Fundamentals - Part 1
    • 3. SQL Fundamentals - Part 2
    • 4. Lab - SQL Basics.zip
      4. Finding SQLi Vulnerabilities
    • 1. Hunting for SQL Injection Vulnerabilities - Part 1
    • 2. Hunting for SQL Injection Vulnerabilities - Part 2
    • 3. Finding SQL Injection Vulnerabilities Manually - Part 1
    • 4. Finding SQL Injection Vulnerabilities Manually - Part 2
    • 5. Mutillidae 2.zip
    • 6. Finding SQL Injection Vulnerabilities with OWASP ZAP
      5. In-Band SQL Injection
    • 1. Exploiting Error-Based SQL Injection Vulnerabilities - Part 1
    • 2. Exploiting Error-Based SQL Injection Vulnerabilities - Part 2
    • 4. Exploiting Union-Based SQL Injection Vulnerabilities - Part 1
    • 5. Exploiting Union-Based SQL Injection Vulnerabilities - Part 2
    • 5. In-Band SQL Injection.zip
      6. Blind SQL Injection
    • 1. Introduction to Boolean-Based SQL Injection Vulnerabilities
    • 3. Exploiting Boolean-Based SQL Injection Vulnerabilities - Part 1
    • 4. Exploiting Boolean-Based SQL Injection Vulnerabilities - Part 2
    • 6. Blind SQL Injection.zip
    • 6. Exploiting Time-Based SQL Injection Vulnerabilities - Part 1
    • 7. Exploiting Time-Based SQL Injection Vulnerabilities - Part 2
      7. NoSQL Injection
    • 1. NoSQL Fundamentals - Part 1
    • 2. NoSQL Fundamentals - Part 2
    • 4. MongoDB NoSQL Injection
    • 7. NoSQL Injection.zip
      8. Conclusion
    • 1. Course Conclusion

  • SECTION 7 - Common Attacks
  • INE-Web-Application-Security-Testing-Testing-for-Common-Attacks-Course-File.zip
      0. Course Introduction
    • 1. Course Introduction
      1. HTTP
    • 1. HTTP.zip
    • 1. HTTP Method Tampering
    • 3. Attacking Basic HTTP Authentication
    • 5. Attacking HTTP Digest Authentication
      2. Sensitive Data Exposure
    • 1. Sensitive Data Exposure Vulnerabilities
    • 2. Lab - Vulnerable Apache III.zip
      3. Broken Authentication
    • 1. Attacking Login Forms with Burp Suite
    • 3. Attacking Login Forms with OTP Security
    • 3. Broken Authentication.zip
      4. Session Security
    • 1. Introduction to Session Management
    • 2. Session IDs & Cookies
    • 3. Session Hijacking & Session Fixation
    • 4. Session Hijacking Via Cookie Tampering
    • 5. Lab - Improper Session Management III.zip
      5. CSRF
    • 1. Introduction to Cross-Site Request Forgery (CSRF)
    • 2. Advanced Electron Forum CSRF
    • 3. Lab - Advanced Electron Forum.zip
      6. Injection & Input Validation
    • 1. Command Injection
    • 3. PHP Code Injection
    • 6. Injection & Input Validation.zip
      7. Security Misconfigurations
    • 1. RCE Via MySQL
    • 2. Lab - RCE via MySQL.zip
      8. Course Conclusion
    • 1. Course Conclusion

  • SECTION 8 - File & Resource Attacks
  • INE-Web-Application-Penetration-Testing-File-and-Resource-Attacks-Course-File.zip
      0. Introduction
    • 1. Course Introduction
      1. Arbitrary File Upload Vulnerabilities
    • 1. Arbitrary File Upload Vulnerabilities.zip
    • 1. Introduction to Arbitrary File Upload Vulnerabilities
    • 2. Exploiting Basic File Upload Vulnerabilities
    • 4. Bypassing File Upload Extension Filters
    • 6. Bypassing PHPx Blacklists
    • 8. WordPress wpStoreCart File Upload
      2. Directory or Path Traversal
    • 1. Introduction to Directory Traversal
    • 2. Directory Traversal Basics
    • 2. Directory or Path Traversal.zip
    • 4. OpenEMR Directory Traversal - Part 1
    • 5. OpenEMR Directory Traversal - Part 2
      3. Local File Inclusion (LFI)
    • 1. Introduction to Local File Inclusion (LFI)
    • 2. Local File Inclusion Basics
    • 3. Local File Inclusion (LFI).zip
    • 4. WordPress IMDb Widget LFI
      4. Remote File Inclusion (RFI)
    • 1. Introduction to Remote File Inclusion (RFI)
    • 2. Remote File Inclusion Basics
    • 3. Lab - Remote File Inclusion I.zip
      5. Conclusion
    • 1. Course Conclusion

  • SECTION 9 - Web Services
  • INE-Web-Application-Security-Testing-Web-Service-Security-Testing-Course-File.zip
      0. Introduction
    • 1. Course Introduction
      1. Web Services
    • 1. Introduction to Web Services
    • 2. Web Services Vs APIs
    • 3. Web Service Implementations
    • 4. WSDL Language Fundamentals
      2. Testing
    • 1. Web Service Security Testing
    • 2. WSDL Disclosure & Method Enumeration
    • 3. Invoking Hidden Methods
    • 4. Testing for SQL Injection
    • 5. Testing for Command Injection
      3. Conclusion
    • 1. Course Conclusion

  • SECTION 10 - CMS Pentesting
  • INE-Web-Application-Security-Testing-CMS-Security-Testing-Course-File.zip
      0. Introduction
    • 1. Course Introduction
      1. Security Testing Introduction
    • 1. Introduction to CMS Security Testing
    • 2. Introduction to WordPress Security Testing
      2. Information Gathering & Enumeration
    • 1. WordPress Version Enumeration
    • 3. Enumerating WordPress Users, Plugins & Themes
    • 5. Enumerating Hidden Files & Sensitive Information
    • 7. WordPress Enumeration with Nmap NSE Scripts
        2. Lab - WordPress AdRotate
      • Overview.txt
      • Solution.pdf
        4. Lab - CVE-2017-5487
      • Overview.txt
      • Solution.pdf
        6. Lab - CVE-2018-8719
      • Overview.txt
      • Solution.pdf
      3. Vulnerability Scanning
    • 1. WordPress Vulnerability Scanning with WPScan
        2. Lab - CVE-2015-6522
      • Overview.txt
      • Solution.pdf
      4. Authentication Attacks
    • 1. WordPress Brute-Force Attacks
        2. Lab - WordPress Plugin
      • Overview.txt
      • Solution.pdf
      5. Exploiting Vulnerabilities
    • 1. WP Plugin - Arbitrary File Upload Vulnerability
    • 2. WP Plugin - Stored XSS Vulnerability (CVE-2020-9371)
        3. Lab - CVE-2020-9371
      • Overview.txt
      • Solution.pdf
      6. WordPress Black-Box Pentest
    • 1. WordPress Black-Box Pentest
      7. Conclusion
    • 1. Course Conclusion

  • SECTION 11 - Encoding & Filtering
  • INE-Web-Application-Security-Testing-Encoding-Filtering-and-Evasion-Basics-Course-File.zip
      0. Introduction
    • 1. Course Introduction
      1. Encoding
    • 1. Introduction to Encoding - Part 1
    • 2. Introduction to Encoding - Part 2
    • 3. HTML Encoding
    • 4. URL Encoding - Part 1
    • 5. URL Encoding - Part 2
    • 6. Base64 Encoding
      2. Filtering
    • 1. Introduction to Input Filtering
    • 2. Bypassing Client-Side Filters
    • 2. Filtering.zip
    • 4. Bypassing Server-Side Filters - Part 1
    • 5. Bypassing Server-Side Filters - Part 2
    • 7. Bypassing XSS Filters In Chamilo LMS
      3. Evasion
    • 1. Introduction to Evasion
    • 2. Bypassing Squid Proxy - Browser Based Restrictions
    • 3. Lab - Squid - Browser Based Restriction.zip
      4. Conclusion
    • 1. Course Conclusion

  • SECTION 12 - Learning Path Conclusion
  • 1. Conclusion
  • 139,000 تومان
    بیش از یک محصول به صورت دانلودی میخواهید؟ محصول را به سبد خرید اضافه کنید.
    خرید دانلودی فوری

    در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

    ایمیل شما:
    تولید کننده:
    شناسه: 29508
    حجم: 22880 مگابایت
    مدت زمان: 3287 دقیقه
    تاریخ انتشار: 2 اسفند 1402
    دسته بندی محصول
    طراحی سایت و خدمات سئو

    139,000 تومان
    افزودن به سبد خرید