وب سایت تخصصی شرکت فرین
دسته بندی دوره ها

در حال حاضر محصولی در سبد خرید شما وجود ندارد.

رمز خود را فراموش کرده اید؟
وب سایت تخصصی شرکت فرین
خانه » فروشگاه » Web Application Penetration Testing Professional (eWPTv2)

Web Application Penetration Testing Professional (eWPTv2)

سرفصل های دوره

SECTION 1 - Learning Path Introduction
  • 1. Introduction

    • SECTION 2 - Introduction to Web App Security Testing
  • INE-Introduction-to-Web-Application-Security-Testing-Course-File.zip
      Module 1 - Welcome
    • 1. Course Introduction
      Module 2 - Overview
    • 1. Introduction to Web Application Security
    • 2. Web Application Security Testing
    • 3. Common Web Application Threats & Risks
      Module 3 - Architecture & Components
    • 1. Web Application Architecture
    • 2. Web Application Technologies - Part 1
    • 3. Web Application Technologies - Part 2
      Module 4 - Fundamentals
    • 1. Introduction to HTTP
    • 2. HTTP Requests - Part 1
    • 3. HTTP Requests - Part 2
    • 4. HTTP Responses
    • 5. HTTP Basics Lab - Part 1
    • 6. HTTP Basics Lab - Part 2
    • 7. Lab - HTTP Method Enumeration.zip
    • 8. HTTPS
      Module 5 - Testing Lifecycle
    • 1. Web App Pentesting Methodology
    • 2. OWASP Top 10
    • 3. OWASP Web Security Testing Guide (WSTG) - Part 1
    • 4. OWASP Web Security Testing Guide (WSTG) - Part 2
    • 5. Pre-Engagement Phase
    • 6. Documenting & Communicating Findings - Part 1
    • 7. Documenting & Communicating Findings - Part 2
      Module 6 - Goodbye
    • 1. Course Conclusion

    • SECTION 3 - Information Gathering
      Module 1 - Welcome
    • 1. Course Introduction
      Module 2 - Lessons
        1. Web Enumeration & Information Gathering
      • 1. Introduction to Web Enumeration & Information Gathering
      • 2. OWASP Web Security Testing Guide
        2. Finding Ownership & IP Addresses
      • 1. WHOIS
      • 2. Website Fingerprinting with Netcraft
      • 3. Passive DNS Enumeration
        3. Reviewing Webserver Metafiles for Information Leakage
      • 1. Reviewing Webserver Metafiles
        4. Search Engine Discovery
      • 1. Google Dorks
        5. Web App Fingerprinting
      • 1. Web App Technology Fingerprinting
      • 2. WAF Detection
        6. Source Code Analysis
      • 1. Copying Websites with HTTRack
      • 2. Website Screenshots with EyeWitness
        7. Website Crawling & Spidering
      • 1. Passive Crawling & Spidering with Burp Suite & OWASP ZAP
          2. Lab - Passive Crawling with Burp Suite
        • Overview.txt
        • Solution.pdf
        8. Web Servers
      • 1. Web Server Fingerprinting
          2. Lab - Apache Recon - Basics
        • Overview.txt
        • Solution.pdf
        9. DNS Enumeration
      • 1. DNS Zone Transfers
          2. Lab - DNS - Zone Transfer Enabled
        • Overview.txt
        • Solution.pdf
        10. Subdomains
      • 1. Subdomain Enumeration
        11. Web Server Vulnerability Scanning
      • 1. Web Server Scanning with Nikto
          2. Lab - Scanning Web Application with Nikto
        • Overview.txt
        • Solution.pdf
        12. File & Directory Enumeration
      • 1. File & Directory Brute-Force
          2. Lab - Directory Enumeration with Gobuster
        • Overview.txt
        • Solution.pdf
        13. Automated Recon Frameworks
      • 1. Automated Web Recon with OWASP Amass
      Module 3 - Goodbye
    • 1. Course Conclusion
      PDFs
    • DNS Zone Transfer.pdf
    • File Directory Brute-Force.pdf
    • INE-Web-Application-Penetration-Testing-Web-Fingerprinting-and-Enumeration.pdf
    • Passive Crawling With Burp Suite.pdf
    • Web Server Fingerprinting.pdf
    • Web Server Scanning With Nikto.pdf

    SECTION 4 - Web Proxies
  • INE-WAPT-Web-Proxies-and-Information-Gathering-Course-Files.zip
      Module 1. WAPT - Web Proxies and Web Information Gathering
        1. Introduction
      • 1. Course Introduction
        2. Web Proxies
      • 1. Introduction to Web Proxies
      Module 2 - Lessons
        2. Burp Suite
      • 1. Introduction to Burp Suite
      • 2. Burp Suite.zip
      • 2. Configuring the Burp Proxy
      • 3. Burp Suite Dashboard & UI
      • 4. Burp Suite Target & Scope
      • 5. Passive Crawling with Burp Suite
      • 7. Burp Suite Intruder
      • 9. Attacking Basic Auth with Intruder & Decoder
      • 11. Burp Suite Repeater
        3. OWASP ZAP
      • 1. Introduction to OWASP ZAP
      • 2. OWASP ZAP Dashboard & UI
      • 3. Configuring the OWASP ZAP Proxy
      • 3. OWASP ZAP.zip
      • 4. OWASP ZAP Context & Scope
      • 5. Directory Enumeration with OWASP ZAP
      • 7. Web App Scanning with OWASP ZAP
      • 9. Spidering with OWASP ZAP
      • 11. Attacking HTTP Login Forms with OWASP ZAP
      Module 3
    • 1. Course Conclusion

    • SECTION 5 - Cross-Site Scripting (XSS)
  • INE Web Application Penetration Testing XSS Attacks Course File.zip
      Module 1. Introduction
    • 1. Course Introduction
      Module 2. Lessons
        1. Introduction to XSS Attacks
      • 1. Introduction to Cross-Site Scripting (XSS)
      • 2. Javascript Primer
      • 3. Anatomy of a Cross-Site Scripting Attack
        2. Reflected XSS
      • 1. Introduction to Reflected XSS
      • 2. Reflected XSS.zip
      • 3. Exploiting Reflected XSS Vulnerabilities in WordPress
      • 5. Cookie Stealing Via Reflected XSS
        3. Stored XSS
      • 1. Introduction to Stored XSS
      • 3. Exploiting Stored XSS Vulnerabilities in MyBB Forum
      • 3. Stored XSS.zip
        4. DOM-Based XSS
      • 1. Introduction to DOM-Based XSS
      • 2. Exploiting DOM-Based XSS Vulnerabilities
        5. XSS Tools
      • 1. Identifying & Exploiting XSS Vulnerabilities with XSSer
      • 2. Lab - XSS Attack with XSSer.zip
      Module 3 - Goodbye
    • 1. Course Conclusion

    • SECTION 6 - SQL Injection
  • INE-Web-Application-Penetration-Testing-SQL-Injection-Attacks-Course-Files.zip
      0. Introduction
    • 1. Course Introduction
      1. SQL Injection Fundamentals
    • 1. Introduction to SQL Injection
    • 2. Anatomy of an SQL Injection Attack
    • 3. Types of SQL Injection Vulnerabilities
      2. Databases
    • 1. Introduction to Databases & DBMS
    • 2. Relational vs NoSQL Databases
      3. SQL Primer
    • 1. Introduction to SQL
    • 2. SQL Fundamentals - Part 1
    • 3. SQL Fundamentals - Part 2
    • 4. Lab - SQL Basics.zip
      4. Finding SQLi Vulnerabilities
    • 1. Hunting for SQL Injection Vulnerabilities - Part 1
    • 2. Hunting for SQL Injection Vulnerabilities - Part 2
    • 3. Finding SQL Injection Vulnerabilities Manually - Part 1
    • 4. Finding SQL Injection Vulnerabilities Manually - Part 2
    • 5. Mutillidae 2.zip
    • 6. Finding SQL Injection Vulnerabilities with OWASP ZAP
      5. In-Band SQL Injection
    • 1. Exploiting Error-Based SQL Injection Vulnerabilities - Part 1
    • 2. Exploiting Error-Based SQL Injection Vulnerabilities - Part 2
    • 4. Exploiting Union-Based SQL Injection Vulnerabilities - Part 1
    • 5. Exploiting Union-Based SQL Injection Vulnerabilities - Part 2
    • 5. In-Band SQL Injection.zip
      6. Blind SQL Injection
    • 1. Introduction to Boolean-Based SQL Injection Vulnerabilities
    • 3. Exploiting Boolean-Based SQL Injection Vulnerabilities - Part 1
    • 4. Exploiting Boolean-Based SQL Injection Vulnerabilities - Part 2
    • 6. Blind SQL Injection.zip
    • 6. Exploiting Time-Based SQL Injection Vulnerabilities - Part 1
    • 7. Exploiting Time-Based SQL Injection Vulnerabilities - Part 2
      7. NoSQL Injection
    • 1. NoSQL Fundamentals - Part 1
    • 2. NoSQL Fundamentals - Part 2
    • 4. MongoDB NoSQL Injection
    • 7. NoSQL Injection.zip
      8. Conclusion
    • 1. Course Conclusion

    • SECTION 7 - Common Attacks
  • INE-Web-Application-Security-Testing-Testing-for-Common-Attacks-Course-File.zip
      0. Course Introduction
    • 1. Course Introduction
      1. HTTP
    • 1. HTTP.zip
    • 1. HTTP Method Tampering
    • 3. Attacking Basic HTTP Authentication
    • 5. Attacking HTTP Digest Authentication
      2. Sensitive Data Exposure
    • 1. Sensitive Data Exposure Vulnerabilities
    • 2. Lab - Vulnerable Apache III.zip
      3. Broken Authentication
    • 1. Attacking Login Forms with Burp Suite
    • 3. Attacking Login Forms with OTP Security
    • 3. Broken Authentication.zip
      4. Session Security
    • 1. Introduction to Session Management
    • 2. Session IDs & Cookies
    • 3. Session Hijacking & Session Fixation
    • 4. Session Hijacking Via Cookie Tampering
    • 5. Lab - Improper Session Management III.zip
      5. CSRF
    • 1. Introduction to Cross-Site Request Forgery (CSRF)
    • 2. Advanced Electron Forum CSRF
    • 3. Lab - Advanced Electron Forum.zip
      6. Injection & Input Validation
    • 1. Command Injection
    • 3. PHP Code Injection
    • 6. Injection & Input Validation.zip
      7. Security Misconfigurations
    • 1. RCE Via MySQL
    • 2. Lab - RCE via MySQL.zip
      8. Course Conclusion
    • 1. Course Conclusion

    • SECTION 8 - File & Resource Attacks
  • INE-Web-Application-Penetration-Testing-File-and-Resource-Attacks-Course-File.zip
      0. Introduction
    • 1. Course Introduction
      1. Arbitrary File Upload Vulnerabilities
    • 1. Arbitrary File Upload Vulnerabilities.zip
    • 1. Introduction to Arbitrary File Upload Vulnerabilities
    • 2. Exploiting Basic File Upload Vulnerabilities
    • 4. Bypassing File Upload Extension Filters
    • 6. Bypassing PHPx Blacklists
    • 8. WordPress wpStoreCart File Upload
      2. Directory or Path Traversal
    • 1. Introduction to Directory Traversal
    • 2. Directory Traversal Basics
    • 2. Directory or Path Traversal.zip
    • 4. OpenEMR Directory Traversal - Part 1
    • 5. OpenEMR Directory Traversal - Part 2
      3. Local File Inclusion (LFI)
    • 1. Introduction to Local File Inclusion (LFI)
    • 2. Local File Inclusion Basics
    • 3. Local File Inclusion (LFI).zip
    • 4. WordPress IMDb Widget LFI
      4. Remote File Inclusion (RFI)
    • 1. Introduction to Remote File Inclusion (RFI)
    • 2. Remote File Inclusion Basics
    • 3. Lab - Remote File Inclusion I.zip
      5. Conclusion
    • 1. Course Conclusion

    • SECTION 9 - Web Services
  • INE-Web-Application-Security-Testing-Web-Service-Security-Testing-Course-File.zip
      0. Introduction
    • 1. Course Introduction
      1. Web Services
    • 1. Introduction to Web Services
    • 2. Web Services Vs APIs
    • 3. Web Service Implementations
    • 4. WSDL Language Fundamentals
      2. Testing
    • 1. Web Service Security Testing
    • 2. WSDL Disclosure & Method Enumeration
    • 3. Invoking Hidden Methods
    • 4. Testing for SQL Injection
    • 5. Testing for Command Injection
      3. Conclusion
    • 1. Course Conclusion

    • SECTION 10 - CMS Pentesting
  • INE-Web-Application-Security-Testing-CMS-Security-Testing-Course-File.zip
      0. Introduction
    • 1. Course Introduction
      1. Security Testing Introduction
    • 1. Introduction to CMS Security Testing
    • 2. Introduction to WordPress Security Testing
      2. Information Gathering & Enumeration
    • 1. WordPress Version Enumeration
    • 3. Enumerating WordPress Users, Plugins & Themes
    • 5. Enumerating Hidden Files & Sensitive Information
    • 7. WordPress Enumeration with Nmap NSE Scripts
        2. Lab - WordPress AdRotate
      • Overview.txt
      • Solution.pdf
        4. Lab - CVE-2017-5487
      • Overview.txt
      • Solution.pdf
        6. Lab - CVE-2018-8719
      • Overview.txt
      • Solution.pdf
      3. Vulnerability Scanning
    • 1. WordPress Vulnerability Scanning with WPScan
        2. Lab - CVE-2015-6522
      • Overview.txt
      • Solution.pdf
      4. Authentication Attacks
    • 1. WordPress Brute-Force Attacks
        2. Lab - WordPress Plugin
      • Overview.txt
      • Solution.pdf
      5. Exploiting Vulnerabilities
    • 1. WP Plugin - Arbitrary File Upload Vulnerability
    • 2. WP Plugin - Stored XSS Vulnerability (CVE-2020-9371)
        3. Lab - CVE-2020-9371
      • Overview.txt
      • Solution.pdf
      6. WordPress Black-Box Pentest
    • 1. WordPress Black-Box Pentest
      7. Conclusion
    • 1. Course Conclusion

    • SECTION 11 - Encoding & Filtering
  • INE-Web-Application-Security-Testing-Encoding-Filtering-and-Evasion-Basics-Course-File.zip
      0. Introduction
    • 1. Course Introduction
      1. Encoding
    • 1. Introduction to Encoding - Part 1
    • 2. Introduction to Encoding - Part 2
    • 3. HTML Encoding
    • 4. URL Encoding - Part 1
    • 5. URL Encoding - Part 2
    • 6. Base64 Encoding
      2. Filtering
    • 1. Introduction to Input Filtering
    • 2. Bypassing Client-Side Filters
    • 2. Filtering.zip
    • 4. Bypassing Server-Side Filters - Part 1
    • 5. Bypassing Server-Side Filters - Part 2
    • 7. Bypassing XSS Filters In Chamilo LMS
      3. Evasion
    • 1. Introduction to Evasion
    • 2. Bypassing Squid Proxy - Browser Based Restrictions
    • 3. Lab - Squid - Browser Based Restriction.zip
      4. Conclusion
    • 1. Course Conclusion

    • SECTION 12 - Learning Path Conclusion
  • 1. Conclusion
    • 139,000 تومان
    بیش از یک محصول به صورت دانلودی میخواهید؟ محصول را به سبد خرید اضافه کنید.
    افزودن به سبد خرید
    خرید دانلودی فوری

    در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

    ایمیل شما:
    تولید کننده:
    شناسه: 29508
    حجم: 22880 مگابایت
    مدت زمان: 3287 دقیقه
    تاریخ انتشار: ۲ اسفند ۱۴۰۲
    دسته بندی محصول
    INE
    INE
    مشاهده دوره های INE
    طراحی سایت و خدمات سئو

    139,000 تومان
    افزودن به سبد خرید