How to Build a $120,000/Year Career as a Web Penetration Tester

Pinpoint Network Vulnerabilities in Order to Prevent Attacks by Hackers

 

What's Inside

If you’re looking to build a career in security, there’s no better place to focus your efforts than penetration testing. By understanding the vulnerabilities and dangers presented by your network’s structure, you’ll learn how to remedy these gaps and save your company from major security breeches.

  • Master ethical hacking techniques used in penetration systems w/ over 22 lectures & 5.5 hours of content
  • Learn the basic methods for penetration testing of a web application
  • Go step-by-step through the entire penetration testing process
  • Control remote servers
  • Practice finding vulnerabilities in apps
  • Learn to gain information on potential targets
  • Study various attack types: authentication, session management, access controls, data stores, etc.

Main topics:

  • Core problems (Causes. Defences)
  • Web Technologies (HTTP Protocol, Web Functionality, Encoding)
  • Mapping (Spidering and Analysing)
  • Attacking Authentication (Technologies, Flaws, Fixes, Brute Force)
  • Attacking Session Management (State, Tokens, Flaws)
  • Attacking Access Controls (Common Vulnerabilities, Attacks)
  • Attacking Data Stores (SQL Injection, Bypassing Filters, Escalation)
  • Bypassing Client-Side Controls (Browser Interception, HTML interception, Fixes)
  • Attacking the server (OS command Injection, Path Traversal, Mail Injection, File Upload)
  • Attacking Application Logic
  • Cross Site Scripting
  • Attacking Users (CSRF, ClickJacking, HTML Injection)

Demos:

  • Spidering, Website Analyser
  • Brute-Force
  • Session Hijacking via Mann-in-The-Middle
  • Get Gmail or Facebook Passwords via SSLStrip
  • SQL Injection
  • Upload File and Remote Execution
  • Cross-Site Scripting (Stored + Reflected, Cookie Stealing, Preventing XSS)
  • CSRF (Change password trough CSRF vuln., Preventing CSRF)

Class Curriculum

Get started now!



Certificate Available
18117+ Students
22 Lectures
2+ Hours of Video
Lifetime Access
24/7 Support
Your Instructor
Gabriel Avramescu

Senior Information Security Consultant

I work on the Internet security team, focused on ethical hacking - deliberately and purposefully challenging the IT security assumptions, strategies, and methods of protecting vital assets and information by emulating an adversary. I act as an effective participant on a multidisciplinary security project team.

-Scan and exploit for a wide variety of data center infrastructure and application vulnerabilities, following defined rules of engagement and attack scenarios (ethical hacking)

-Make recommendations on security weaknesses and report on activities and findings

- Perform Internet penetration testing (black box / white box testing) and code reviews (manual and automated)

- Use testing tools as NetBIOS scanning, network pinging and testing, packet crafting and analyzing, port scanning for vulnerability assessment

- Perform analysis and testing to verify the strengths and weaknesses of Web Applications and Web Services (SML, SOAP, WSDL, UDDI, etc.)

- Perform analysis and testing to verify the strengths and weaknesses of a variety of operating systems, network devices, web applications, and security architectures

- Assist with the development of remediation services for identified findings - Customize, operate, audit, and maintain security related tools and applications

IT Trainer

- Trainer for Web Application Hacking and Network Infrastructure Hacking - Training students for CCNA and CCNA Security Certification - Training NDG Linux Basics - Legal Main Contact - Curriculum Leader

Certifications

- CREST Registered Penetration Tester (CRT)

- OSCP

- ISO 270001 Lead Auditor

- CEH (Certified Ethical Hacker)

- CCNA and CCNA Security

- CCNP Routing and CCNP Switching

- Advanced Linux&InfoSEC

- VMWare vSphere Install, Configure, Manage

- Microsoft Certified Technology Specialist (MCTS/MCP 70-642): Microsoft Windows Server 2008 Network Infrastructure, etc.

Instructor Rating
Popular Bundles