1hack.us | Together We Learn!
Created by: EC-Council Team
Last Updated: 2021
Language: English
Runtime: 3h+
Torrent Contains: 26 Files, 5 Folders
Course Source:
https://iclass.eccouncil.org/web-application-hacking-and-security/
Understand, Exploit, And Defend Yourself Against Topmost Web Vulnerabilities With A Comprehensive Hands-On, Lab-Based, Guided, Mastery Course Designed By The Team That Brought You CEH
Course Overview
Decoding Web Application Hacking and Security
Web Application Hacking and Security has challenges derived from the engaging iLab environments of EC Council – from Certified Ethical Hacker (CEH) to the Certified Penetration Testing Professional (CPENT); from Certified Application Security Engineer (CASE) .Net to Java. But Web Application Hacking and Security goes beyond this to more difficult scenarios as you advance through each problem.
Web Application Hacking and Security is like a Capture-The-Flag (CTF) competitions meant to test your hacking skills. But you can keep on trying until you achieve the goal. Test your skills and work alone to solve complex problems or follow the instructor as they do a walkthroughs to help you learn Web Application Hacking and Security.
Watch your name rise on the leader board, a place where you’ll see who’s cracking the most challenges, who’s making the most progress, who’s cranking out the h@ck$!
What you will learn
Level up your Skills through Play
Challenges
You will encounter security misconfigurations, SQL injection vulnerabilities, directory browsing vulnerabilities, enumeration vulnerabilities, and opportunities to escalate privileges and gain access to privileged information.
Each section of ‘Break the Code’ brings progressively more difficult challenges. There are always multiple paths to take, but few will get you the prize and move up the leader board.
• Advanced Web Application Penetration Testing
• Advanced SQL Injection (SQLi)
• Reflected, Stored and DOM-based Cross Site Scripting (XSS)
• Cross Site Request Forgery (CSRF) – GET and POST Methods
• Server-Side Request Forgery (SSRF)
• Security Misconfigurations
• Directory Browsing/Bruteforcing
• CMS Vulnerability Scanning
• Network Scanning
• Auth Bypass
• Web App Enumeration
• Dictionary Attack
• Insecure Direct Object Reference Prevention (IDOR)
• Broken Access Control
• Local File Inclusion (LFI)
• Remote File Inclusion (RFI)
• Arbitrary File Download
• Arbitrary File Upload
• Using Components with Known Vulnerabilities
• Command Injection
• Remote Code Execution
• File Tampering
• Privilege Escalation
• Log Poisoning
• Weak SSL Ciphers
• Cookie Modification
• Source Code Analysis
• HTTP Header modification
• Session Fixation
• Clickjacking
Read more at course page!
Who Should Attend?
If you are tasked with implementing, managing, or protecting web applications, then this course is for you. If you are a cyber or tech professional who is interested in learning or recommending mitigation methods to a myriad of web security issues and want a pure hands-on program, then this is the course you have been waiting for.
• Penetration Tester
• Ethical Hacker
• Web Application Penetration
• Tester/Security Engineer
• Auditor
• Red Team Engineer
• Information Security Engineer
• Risk/Vulnerability Analyst
• Vulnerability Manager
• Incident responder
Prerequisites
• Good understanding of web application working
• Basic working knowledge of the Linux command line
• Basic knowledge of OSes and file systems
• Basic knowledge of Bash and/or Python scripting