Web Security/Penetration Testing for Beginners
Introduction to course
Why Security Testing is gaining Importance day by day! (9:26)
What we are going to learn from this course? (5:09)
Security Testing Basic Terminologies
What is HTTP and HTTPS? (9:58)
How can we avoid Man-in-the-middle attacks? (6:52)
HTTP Methods overview in talking to servers (9:29)
Fiddler Demo - Monitoring Network traffic (3:19)
Understanding Fiddler to intercept requests (7:31)
Material for Reference
XSS - Cross Site Scripting Vulnerability Testing
What is XSS? How it can damage Web sites (9:49)
Detecting XSS Vulnerability for Websites - 1 (8:14)
Detecting XSS Vulnerability for Websites - 2 (6:15)
Bypassing Client Validation to perform XSS (9:09)
Encoding all the inputs to avoid Attacks (10:03)
Types of Attack - Reflected XSS (8:30)
Types of Attack - Persistence XSS (9:59)
How to handle cross site scripting in IE browser (10:22)
Material for reference
Importance of Cookies and their role in Security
What are cookies and where are they stored (8:48)
Session cookie sensitive data Threats (9:43)
How can we stop Cookies hijacking (7:41)
Methods to Prevent cookie steal - Secure Attribute (13:56)
Preventing cookies steal - Http Attribute flag (11:44)
Domain and path attribute to restrict cookies (11:53)
Setting Time period for Sessions - Security Safety Tip (6:01)
Material for reference
SQL Injection
What is SQL Injecting (7:32)
How to identify SQL loopholes in web application (13:19)
Exposing Security loopholes with malicious SQL syntax (9:20)
List of URL Patterns which can cause attack with SQL (7:34)
Material for reference
Automation tool for SQL Injections
Session Hijacking and Cross Site Forgery Attacks
What is CSRF? How can it cause threat (11:50)
Session Hijacking with illegal requests (10:23)
Avoid Cross Site forgeries with Token Mechanism (8:47)
Checklist for Pen Testers to check CSRF Attacks (8:43)
Material for reference
Parameter Tampering to steal sensitive data
What is Parameter Tampering? (9:49)
Different sources to intercept requests (5:35)
Importance of having Server side Validations (6:00)
Intercepting requests with Fiddler tool (6:49)
Material for reference
Account Security
Steps to be taken for Password setting (8:46)
List of Hacking Passwords and Precautions which need to be taken (5:57)
Sources of Attacking Passwords (8:06)
Best Practices to be followed in securing Account (9:20)
Brute force attack handler Mechanism (12:36)
Material for reference
Encoding all the inputs to avoid Attacks