Professional Web Application Penetration Tester Course V1.1 (ICPWAPEN)


Descripción

Learn in-depth aspects of Web Hacking, Penetration Testing and prevent vulnerabilities with this course.

In this course, the student will learn to develop to the maximum their capacities as a pentester specialised in evaluating web applications
This course provides in-depth analysis of the phases, methodology and techniques used during web application pentesting

The course material includes access to our virtual academy, videos, exercises, and 90 days of access to the training laboratories. The course is 100% practice-oriented, offering an extensive infrastructure with real vulnerabilities ready to be exploited.

The Web App Penetration Testing course oriented to professionals of the sector or initiated in auditing web servers and need to learn new techniques or improve their work methodology.

On-line instructors to answer questions and provide follow-ups.

30% discount for ICPP+ course if the certification is obtained.

* VPN Software is required
Basic cybersecurity knowledge and basic Linux / Windows knowledge needed.

Before making the purchase, it is advisable to review the rules and conditions.
https://www.ihacklabs.com/en/terms-and-conditions/

More information at info@ihacklabs.com

Contenido
  • User Manuals
  • VPN_Configuration_Guide v 1.0
  • VPN_Settings
  • Laboratory_Rules.pdf
  • Practical Training _ Exercises
  • MODULE 1 - INTRODUCTION
  • Module 1 Introduction
  • Test Module 1 - Introduction
  • MODULE 2 - GATHERING
  • Module 2 Gathering
  • WM2_Burp
  • WM2_ Discovery_Content
  • WM2_Hacking_Google
  • WM2_ Virtual_Hosts_Discovery
  • WM2_Maltego
  • WM2_Map_Application
  • WM2_HTTP Method
  • WM2_Discovery_Inputs
  • WM2_Indetify Frameworks
  • WM2_Aquatone
  • WM2_Datasploit
  • WM2_DNSRecon
  • WM2_haveibeenpwned.com
  • WM2_Pastebin
  • WM2_Social_mapper
  • WM2_Shodan
  • WM2_FOFA
  • WM2_Reddit
  • WM2_Archive
  • WM2_The_Harvester
  • WM2_Ipv4info
  • Test Module 2 - Gathering
  • MODULE 3 - CLIENT SIDE
  • Module 3 - Client Side
  • WM3_ User_Inputs
  • WM3_Javascript
  • Test Module 3 - CLIENT SIDE
  • MODULE 4 - SESSIONS
  • Module 4 Sesion Management
  • WM4_User Enumeration
  • WM4_Backup Files
  • WM4_Default Credentials
  • WM4_Force Brute attack
  • WM4_Captcha Bypass
  • WM4_Weak_Passwords
  • WM4_Logout
  • WM4_Cookie_ID_Session_ID
  • Test Module 4 Sesion Management
  • MODULE 5 - INYECTION
  • Module 5 - Injections
  • WM5_Discovery_SQLi
  • WM5_Bypass_Login_SQLi
  • WM5_UNION_SQLi
  • WM5_Blind_SQLi
  • WM5_Avanced_SQLi
  • WM5_Error_Based_SQLi
  • WM5_SQLi__Exfiltration DNS
  • WM4_XPATH_Injection
  • WM5_HTML_Injection
  • WM5_LDAP_Injection
  • Test Module 5 - Injection
  • MODULE 6 - BACKEND SERVICES
  • Module 6 Back-end Services
  • WM6_Command_Execution
  • WM6_External_Entity_Attacks_XXE
  • WM6_Command_Execution_SOAP
  • WM6_LFI_RFI
  • WM6_Path-Transversal
  • Module 6 Test - Backend Services
  • MODULE 7 - USERS ATTACKS
  • Module 7 XSS
  • WM7_Reflected_XSS
  • WM7_Cross-Site_Request_Forgery_CSRF
  • WM7_Stored XSS
  • Test Module 7 - Client Attack
  • MODULE 8 - INFRASTRUCTURE
  • Module 8 Infraestructure and design
  • WM8_ WebDAV Attack
  • WM8_TomcatAttack
  • Test Module 8 - Infrastructure and Design
  • FINAL EXAM - THEORY
  • Submit Report
  • METHODOLOGIES
  • OWASP_Testing_Guide_v4.pdf
  • OWASP_TestingChecklist_v_1.0.xls
  • OWASP_WebAppPenTestList1_1.pdf
  • OWASP Top 10 - 2017 RC1-English.pdf
Reglas de finalización
  • Todas las unidades deben ser completadas