Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Learning Python Web Penetration Testing
Introduction
The Course Overview (5:58)
Understanding Web Application Penetration Testing Process (7:50)
Typical Web Application Toolkit (6:19)
Testing Environment (6:15)
Interacting with Web Applications
HTTP Protocol Basics (7:10)
Anatomy of an HTTP Request (7:56)
Interacting with Web Apps Using Requests Library (10:24)
Analyzing the Responses (7:22)
Web Crawling with Scrapy
Web Application Mapping (3:36)
Creating a Crawler with Scrapy (7:56)
Recursive Crawling (3:43)
Extracting Information (5:23)
Resources Discovery
What Is Resource Discovery? (4:02)
Building Our First Brute Forcer (5:25)
Analyzing the Results (5:17)
Adding More Information (3:54)
Taking Screenshots of the Findings (4:15)
Password Testing
How Password Attacks Work? (4:56)
Our First Password Brute Forcer (4:38)
Adding Support for Digest Authentication (4:43)
Form-based Authentication (7:08)
Detecting and Exploiting SQL Injection Vulnerabilities
SQL Injection Vulnerability (4:50)
Detecting SQL Injection Issues (8:09)
Exploiting a SQL Injection to Extract Data (6:00)
Advanced SQLi Exploiting (3:55)
Intercepting HTTP Requests
HTTP Proxy Anatomy (4:07)
Introduction to mitmproxy (3:53)
Manipulating HTTP Requests (6:53)
Automating SQLi in mitmproxy (4:38)
Wrapping Up (3:55)
Web Application Mapping
You’ll learn about web application mapping, what it is, and how to do it.
Revisit the penetration testing process
Check out the different options of performing the mapping
Check out a mapping example from Burp suite
Complete and Continue