Overview

This course is to familiarise anyone wishing to exploit a website, operating system, or cloud application, with the technology itself. Web application penetration testing is not just “attacking” a website and executing automated tools, rather it is understanding any aspect on the website – how it works; what are the inputs; what is the logic of any function, and so on.

Users are rarely familiar with web applications technologies they use and therefore, if you wish to be a web application penetration tester, you need to have a deep understanding about web technologies, how the developer created the functions and how inputs are entered onto the website.

In this course, you will get a thorough and in depth understanding of web application and how to develop a website using the most up to date technologies and security mechanisms such as sessions, JWT, local storage and logins.

Suitable for

• Candidates who wish to be a web application penetration testers or bug bounties hunters

Prerequisites

• None

Skills Taught

• Deep understanding about anything related to web applications – server side, client side, databases, and cloud
• Define devops technologies to implement web servers and websites
• Get familiar with authentication mechanisms
• Develop a frontend interface using JS framework
• Develop a backend server using server side scripting

Course Outlines

• Client Side – HTML, JS, CSS
• Frontend framework – React JS
• Application Programing Interface (API)
• Backend – Python
• Apache2, nginx