Web Hacker’s Toolbox – Tools Used by Successful Hackers

سرفصل های دوره

Ethical hackers and penetration testers need a very good toolbox to do their job efficiently. They would also need to learn step-by-step how to use the tools from this toolbox and that’s exactly what this course delivers. In this course, we will demonstrate Sqlmap, which is the most powerful tool for automated SQL injection detection and exploitation. The course will also present Google Hacking and show you how it can be used to find security weaknesses in web applications. Later on in the course, you will be presented with fuzzing, which is a vulnerability detection technique used by many successful hackers, and it will be demonstrated how to perform fuzzing with Burp Suite Intruder. Finally, you will learn how to exploit race conditions with OWASP ZAP. Race conditions can lead to very dangerous attacks on modern web applications, and this is exactly what we will demonstrate at later stages. By the end of this course, you will have worked on the tools used by successful hackers and start using them in your own penetration testing projects going forward.

Chapter 1 - Introduction to the Course

1. Introduction

Chapter 2 - How Hackers Find SQL Injections in Minutes with Sqlmap

01. Introduction

02. The Basics of Sqlmap - Overview

03. The Basics of Sqlmap - Demo

04. Dumping Database Table Entries - Overview

05. Dumping Database Table Entries - Demo

06. From SQL Injection to Remote Code Execution - Overview

07. From SQL Injection to Remote Code Execution - Demo

08. More Advanced Testing with Sqlmap - Overview

09. More Advanced Testing with Sqlmap - Demo

10. Bypassing Web Application Firewalls - Overview

11. Bypassing Web Application Firewalls - Demo

12. Summary

Chapter 3 - Web Application Security Testing with Google Hacking

01. Introduction

02. Google Hacking - Finding Directory Listings

03. Google Hacking - Finding SQL Syntax Errors

04. Google Hacking - Finding Publicly Exposed Backup Files

05. Google Hacking - Finding Internal Server Errors

06. Google Hacking - Finding Sensitive Data in URLs

07. Google Hacking - Finding Insecure HTTP Web Pages

08. Google Hacking Database

09. Case Study - Microsoft Yammer Social Network

10. How to Prevent Google Indexing from Happening

11. Summary

Chapter 4 - Fuzzing with Burp Suite Intruder

1. The Basics of Fuzzing

2. Fuzzing with Burp Suite Intruder - Overview

3. Fuzzing for SQL Injection - Demo

4. Fuzzing for Path Traversal - Demo

5. Fuzzing with Burp Suite Intruder - Tips and Tricks

Chapter 5 - Exploiting Race Conditions with OWASP ZAP

1. Introduction

2. Exploiting Race Conditions - Case 1 (Part1)

3. Exploiting Race Conditions - Case 1 (Part2)

4. Exploiting Race Conditions - Case 2

5. Case Studies of Award-Winning Race Condition Attacks

179,000 تومان

افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: PacktPub