Overview
-
Take your pen testing skills to the next level. Learn how to locate and exploit website vulnerabilities with Burp Suite, sqlmap, DIRB, and more.
Syllabus
-
Introduction
- Protecting your websites
- What you should know before watching this course
- Disclaimer
- Understanding websites
- Identifying virtual websites
- Using Burp Suite as a proxy
- Busting open a website
- Busting with DirBuster
- Enumerating with WhatWeb and DirScanner
- Enumerating with DIRB and Wfuzz
- Crawling or spidering
- Scanning at scale
- Assessing websites with Nikto
- Using the Metasploit WMAP scanner
- Using sqlmap to find SQL injections
- Skip fishing the site
- Scanning for vulnerabilities with Nessus
- Using test cases to manage security testing
- A refresher on website shell implants
- Uploading an ASPX shell using Cadaver
- Coping with a calamity
- Exploiting with phpbash
- Exploiting Node.js
- Injecting SQL using Burp Suite
- Breaking into the bank
- More ways into the bank
- Owning the bank
- Entering Europa
- Owning Europa
- Jenkins and Groovy scripting
- Taking over the gym
- Learning the basics of content management
- Getting into WordPress
- Penetrating WordPress
- Getting Joomla Administrator
- Shelling Joomla
- Taking down the enterprise
- What's next
