Overview

This course is to familiarise anyone wishing to exploit a website, operating system, or cloud application, with the technology itself. Web application penetration testing is not just “attacking” a website and executing automated tools, rather it is understanding any aspect on the website – how it works, what are the inputs, what is the logic of any function and so on.

Users are rarely familiar with web applications technologies they use and therefore, if you wish to be a web application penetration tester, you need to have a deep understanding about web technologies, how the developer created the functions and how inputs are entered onto the website.

In this course, you will get a thorough and in depth understanding of web application and how to develop a website using the most up to date technologies and security mechanisms such as sessions, JWT, local storage and logins.

Suitable for

• Candidates who wish to be a web application penetration testers or bug bounties hunters

Prerequisites

• None

Skills Taught

• Deep understanding about anything related to web applications – server side, client side, databases, and cloud
• Define devops technologies to implement web servers and websites
• Get familiar with authentication mechanisms
• Develop a frontend interface using JS framework
• Develop a backend server using server side scripting

Course Outlines

• Client Side – HTML, JS, CSS
• Frontend framework – React JS
• Application Programing Interface (API)
• Backend – Python
• Apache2, nginx