stackskills - How to Build a $120,000/Year Career as a Web Penetration Tester
English | 2016 | mp4 | H264 1280x720 | AAC 2 ch | pdf | 507 MB
Pinpoint Network Vulnerabilities in Order to Prevent Attacks by Hackers

If you're looking to build a career in security, there's no better place to focus your efforts than penetration testing. By understanding the vulnerabilities and dangers presented by your network's structure, you'll learn how to remedy these gaps and save your company from major security breeches.

- Master ethical hacking techniques used in penetration systems w/ over 22 lectures & 5.5 hours of content
- Learn the basic methods for penetration testing of a web application
- Go step-by-step through the entire penetration testing process
- Control remote servers
- Practice finding vulnerabilities in apps
- Learn to gain information on potential targets
- Study various attack types: authentication, session management, access controls, data stores, etc.

Main topics:

- Core problems (Causes. Defences)
- Web Technologies (HTTP Protocol, Web Functionality, Encoding)
- Mapping (Spidering and Analysing)
- Attacking Authentication (Technologies, Flaws, Fixes, Brute Force)
- Attacking Session Management (State, Tokens, Flaws)
- Attacking Access Controls (Common Vulnerabilities, Attacks)
- Attacking Data Stores (SQL Injection, Bypassing Filters, Escalation)
- Bypassing Client-Side Controls (Browser Interception, HTML interception, Fixes)
- Attacking the server (OS command Injection, Path Traversal, Mail Injection, File Upload)
- Attacking Application Logic
- Cross Site Scripting
- Attacking Users (CSRF, ClickJacking, HTML Injection)


- Spidering, Website Analyser
- Brute-Force
- Session Hijacking via Mann-in-The-Middle
- Get Gmail or Facebook Passwords via SSLStrip
- SQL Injection
- Upload File and Remote Execution
- Cross-Site Scripting (Stored + Reflected, Cookie Stealing, Preventing XSS)
- CSRF (Change password trough CSRF vuln., Preventing CSRF)