Current Status
Not Enrolled
Price
Rs 720 (After Discount)

This Course Includes

Video Duration9+ Hours
Support MaterialNone
Access DurationONE YEAR
CertificateAt Completion
Author Sanjay Lekhak
Co AuthorAman Sahni

We have divided Web Application Security into Two Levels – Foundation and Professional.

Our WASF (Web Application Security Foundation) course maps to Foundation level where you can learn about Networking, Kali Linux, Vulnerability Assessment, Penetration Testing, Web App Architecture and Assessment Framework in addition to Cyber Security Terminologies and Frameworks.

This module brings completeness to the learning of Web App Security and will take you through some hands-on exercises on Web Application Security Attacks along with related concepts to make you ready for Web Application Security related assignments.

In this module, we cover following concepts along with real demo and exercises

Attacking the Login Page – Bruteforcing.
CAPTCHA (& Password Policy)
Authentication and Authorization
Two Factor Authentication
Parameter Manipulation & IDOR
Broken/Missing Function Level Access Control – Vertical and Horizontal

Same Origin Policy – SOP
Cross Origin Resource Sharing – CORS
CSRF (XSRF, SeaSurf, Session Riding)
Clickjacking
CSV Injection
Content security Policy and Important HTTP headers

Document Object Model – DOM
AJAX
Javascript basics
HTML injection
Iframe Injection
Cross Site Scripting – XSS
Reflected XSS
Stored XSS
DOM based XSS
Filter Bypassing & XSS Mitigation

Introduction to DBMS
Basic SQL Commands
SQL Injection
Fingerprint the Database
Inband SQL Injection / SQL Injection – Bypass a Login page
Blind SQL
SQLmap Tutorial / Union Operator
SQL Injection in other statements / Injecting into SQL ( in different statements )
Bypassing Filters
Second order SQL injection
Preventing SQL injection
NOSQL injection (MongoDB)
LDAP injection basics

OS Command Injection.
Server Side Includes Injection
Server side Template injection
File Upload Vulnerability
Directory Listing and Path Traversal
File Inclusion
Invalidated Redirects and Forwards/Open Redirection
Server Side Request Forgery

HTTP Response Spliting (CRLF)
HTTP Parameter Pollution
Host header injection
Web Cache Deception/Poisoning
Insecure Deserialization

Introduction to XML
XPATH Injection
XML External Entity (XXE)

If you have completed WASF, consider this as the final step to gain essential understanding about Web App Security at Professional Level.

Wish you all the best!

Integral Bytes Course Content

Expand All
Integral Bytes Lesson Content
0% Complete 0/1 Steps
Integral Bytes Lesson Content
0% Complete 0/1 Steps
Integral Bytes Lesson Content
0% Complete 0/1 Steps
Integral Bytes Lesson Content
0% Complete 0/1 Steps

About the Instructors

20+ Years Business and Operations experience into IT & Cyber Security.