Web applications play a vital role in every modern organization. But, if your organization does not properly test and secure its web apps, adversaries can compromise these applications, damage business functionality, and steal data. Unfortunately, many organizations operate under the mistaken impression that a web application security scanner will reliably discover flaws in their systems.
With this course I aim to help students move beyond push-button scanning to professional, thorough, high-value web application penetration testing.
I am sharing this course because I believe knowledge should be free or at least affordable. You should not have to get a loan on your house to get the seven thousand dollars it took to get the knowledge from this course.
This was a six day course. Which I have the audio and study material too. It is insane to cram all this information into a six day course and think that all the information has been retained.
So what we are going to do is turn this into a six week course. I will share one section a week. I would advise you to open the study material and then play the .MP3 audio files and follow along on your study material which comes in .PDF format.
Week 1: Introduction and Information Gathering
Topics:
Overview of the web from a penetration tester’s perspective
Exploring the various servers and clients
Discussion of the various web architectures
Discovering how session state works
Discussion of the different types of vulnerabilities
WHOIS and DNS reconnaissance
The HTTP protocol
WebSocket
Secure Sockets Layer (SSL) configurations and weaknesses
Heartbleed exploitation
Utilizing the Burp Suite in web app penetration testing
I like the idea of a free or at least affordable coarse, I have spent the last few years programming to prevent penetration, i think the if you know how to get in you can prevent it from happening in the first place. My thoughts are that is the whole point of penetration testing, thanks for the coarse @MoNsTeR.
Good work buddy keep it up!! btw why don’t you upload your courses on a torrent site so that people can download those courses at a high speed as FTP servers are damn slow regardless of your internet speed. Using torrent will save everyone’s time too
Yes, this exact course is taught to high level united states government agency’s such as DHS, FBI, DOD etc. In-fact you must have Sans Certification to contract for the United States Government. @MoUsE
You are welcome @cavaN I love giving back to the community when I can. It helps me progress.
@D4rkhunt3r I was actually thinking of doing that. I had one going awhile back. I might start doing it again.
Hey @MoNsTeR can we get Week 4,5 and 6 .
thanks for these materials . this is gold.
completed upto 3 weeks and im following this. need to continue. so please upload week 4,5, and 6 files.
Well we have made it to the halfway point. I have uploaded week 4 course material. Enjoy!
I could not find it. I asked around in IRC and nothing as of yet.
You are welcome. It is some of the best knowledge you can get in my opinion, regarding Web App Pen-Testing. I will continue updating until week 6. So 2 weeks left.
Thank you so much! This is absolutely wonderful information and it costs so much to take a course. I am in school at the moment and took a class on penetration testing, which the instructor was certified on at the above institute. So this is just a gift that I can’t thank you enough on!
