Welcome to Scribd!

Web Application Penetration Testing Syllabus 6

Uploaded by

0% found this document useful (0 votes)

2 views3 pages

This document outlines a course on web application penetration testing. The course is taught by Raymond Evans of Cydefe and aims to provide hands-on learning of techniques like SQL injection, cross-site scripting, local file inclusion, and remote file inclusion. The course contains 5 modules that cover topics like HTTP basics, discovering and exploiting vulnerabilities, and writing penetration testing reports. Students will learn using online lessons and labs and will be able to understand and apply key penetration testing concepts by the end of the course.

Original Description:

Original Title

Web_Application_Penetration_Testing_Syllabus__6_

Copyright

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

2 views3 pages

Web Application Penetration Testing Syllabus 6

Uploaded by

slenarethan

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 3

Search inside document

Course Syllabus

Web Application Penetration Testing

Instructor Name: Raymond Evans, Cydefe

Instructor Website: http://www.cydefe.com/

Course Creation Date: 12/04/2014

Course Description and Goals

Course Description: In this course, SME, Raymond Evans, takes you on a wild and fascinating
journey into the cyber security discipline of web application pentesting. This is a very hands-on
course that will require you to set up your own pentesting environment.

Study Resources: All study resources will be provided in the “Resources” section of the
course.

Course Goals: By the end of this course, students should be able to:

❏ Understand HTTP
❏ SQL Injections
❏ Cross site scripting (XSS)
❏ LFI & RFI
❏ How to write a report?

Brought to you by: Develop your team with the fastest growing catalog in the
cybersecurity industry. Enterprise-grade workforce development
management, advanced training features and detailed skill gap and
competency analytics.

1
Course Outline

Module 1 | Introduction, HTTP Basics and Why sites get hacked?

Lesson 1.1: Introduction (02:00)
Lesson 1.2: Tools (08:00)
Lesson 1.3: Packets (10:00)
Lesson 1.4: HTTP Basics (10:00)
Lesson 1.5: Why Sites Get Hacked - 1(08:00)
Lesson 1.6: Why Sites Get Hacked - 2(12:00)
Lesson 1.7: Why Sites Get Hacked - 3(07:00)
Lesson 1.8: Why Sites Get Hacked - 4(05:00)
Lesson 1.9: Why Sites Get Hacked - 5(03:00)
Lesson 1.10: Best Practices – 1 (08:00)
Lesson 1.11: Best Practices - 2 (05:00)
Lesson 1.12: Environment Setup (10:00)

Module 2 | SQL Injection

Lesson 2.1: What is SQL Injection (09:00)
Lesson 2.2: Spidering – 1 (03:00)
Lesson 2.3: Spidering – 2 (05:00)
Lesson 2.4: Spidering – 3 (03:00)
Lesson 2.5: Spidering – 4 (02:00)
Lesson 2.6: Discovering SQLI - 1 (02:00)
Lesson 2.7: Discovering SQLI – 2 (06:00)
Lesson 2.8: Discovering SQLI - 3(06:00)
Lesson 2.9: Discovering SQLI - 4(02:00)
Lesson 2.10: Discovering SQLI -5 (04:00)
Lesson 2.11: Discovering SQLI - 6 (08:00)
Lesson 2.12: Exploiting SQLI – 1 (05:00)
Lesson 2.13: Exploiting SQLI – 2 (03:00)
Lesson 2.14: Exploiting SQLI – 3 (03:00)
Lesson 2.15: Exploiting SQLI – 4 (04:00)
Lesson 2.16: SQLI Lab (01:00)

2
Module 3 | Cross Site Scripting (XSS)
Lesson 3.1: What is XSS-1 (10:00)
Lesson 3.2: What is XSS-2 (03:00)
Lesson 3.3: Discovering XSS - 1(04:00)
Lesson 3.4: Discovering XSS - 2 (05:00)
Lesson 3.5: Discovering XSS - 3 (05:00)
Lesson 3.6: Discovering XSS - 4 (05:00)
Lesson 3.7: Discovering XSS - 5 (05:00)
Lesson 3.8: Discovering XSS - 6 (01:00)
Lesson 3.9: Exploiting XSS - 1 (07:00)
Lesson 3.10: Exploiting XSS - 2 (13:00)
Lesson 3.11: XSS Lab (01:00)

Module 4 | LFI & RFI

Lesson 4.1: LFI & RFI -1 (02:00)
Lesson 4.2: LFI & RFI -2 (02:00)
Lesson 4.3: LFI & RFI -3 (05:00)
Lesson 4.4: LFI & RFI Lab (02:00)

Module 5 | Reporting
Lesson 5.1: Report Creation -1 (09:00)
Lesson 5.2: Report Creation -1 (05:00)
Lesson 5.3: Wrap up (01:00)

Course Syllabus Cissp: Brought To You by
Document6 pages
Course Syllabus Cissp: Brought To You by
Anonymous 9d1jFv
No ratings yet
ECMS2 Training Slides
Document394 pages
ECMS2 Training Slides
Thiago Andrade Leite
No ratings yet
Cpte 2018
Document10 pages
Cpte 2018
Ankit Binjola
No ratings yet
3.6.2.middleware and Enterprise Integration Technologies
Document3 pages
3.6.2.middleware and Enterprise Integration Technologies
Aasim Shaikh
0% (1)
CST610 - DFC610 Reading and Resource List
Document12 pages
CST610 - DFC610 Reading and Resource List
Bryan Shafer
No ratings yet
Integration Document
Document12 pages
Integration Document
Avinash Chowdary
No ratings yet
1-Penetration Testing and Ethical Hacking Syllabus and Outline 1
Document7 pages
1-Penetration Testing and Ethical Hacking Syllabus and Outline 1
techno tricks
No ratings yet
Course Syllabus Advanced Penetration Testing: Georgia-Weidman
Document6 pages
Course Syllabus Advanced Penetration Testing: Georgia-Weidman
Hosny ipsec
No ratings yet
Course Syllabus AWS Certified Solutions Architect Associate: Brought To You by
Document3 pages
Course Syllabus AWS Certified Solutions Architect Associate: Brought To You by
IOT Master
No ratings yet
Course Syllabus Penetration Testing and Ethical Hacking: Brought To You by
Document7 pages
Course Syllabus Penetration Testing and Ethical Hacking: Brought To You by
medtrachi
No ratings yet
OWASP Top 10 2021 Complete Syllabus
Document5 pages
OWASP Top 10 2021 Complete Syllabus
AndreMuendi
No ratings yet
CRISC Syllabus Outline 1
Document4 pages
CRISC Syllabus Outline 1
Syed
No ratings yet
Course Syllabus Social Engineering: Brought To You by
Document3 pages
Course Syllabus Social Engineering: Brought To You by
Mark Yacopetti
No ratings yet
Penetration Testing and Ethical Hacking Syllabus 2023
Document11 pages
Penetration Testing and Ethical Hacking Syllabus 2023
Amrit Rana
No ratings yet
AZ900-Microsoft Azure Fundamentals
Document5 pages
AZ900-Microsoft Azure Fundamentals
Cornel Bent
No ratings yet
Career Path Syllabus - Cyber Security Engineer
Document2 pages
Career Path Syllabus - Cyber Security Engineer
mahdi.alsaadi7
No ratings yet
Penetration Testing and Ethical Hacking Syllabus 2023 2.2024 Update
Document9 pages
Penetration Testing and Ethical Hacking Syllabus 2023 2.2024 Update
Sanjay Dilip
No ratings yet
BE IT Syllabus
Document22 pages
BE IT Syllabus
kirantarnaka
No ratings yet
Ocsa - Offenso Certified Security Analyst-2
Document11 pages
Ocsa - Offenso Certified Security Analyst-2
AneesEver
No ratings yet
Cyber Network Security Syllabus and Outline
Document5 pages
Cyber Network Security Syllabus and Outline
s.hakim
No ratings yet
Cybrary System Administrator Syllabus: General Information
Document17 pages
Cybrary System Administrator Syllabus: General Information
register Name
No ratings yet
Osint
Document4 pages
Osint
Gabriel Braz
No ratings yet
Part 1: Nikto: Module 4 Sensitive Data Exposure Lab
Document4 pages
Part 1: Nikto: Module 4 Sensitive Data Exposure Lab
Taha Khan
No ratings yet
Mobile App Security NowSecure Syllabus and Outline
Document2 pages
Mobile App Security NowSecure Syllabus and Outline
Nafas Terindah
No ratings yet
CySA Syllabus
Document4 pages
CySA Syllabus
smm azad
No ratings yet
Automation Testing: New Batches Info
Document7 pages
Automation Testing: New Batches Info
raja
No ratings yet
Module 5 XML External Entities (XXE) Lab: Brought To You by
Document2 pages
Module 5 XML External Entities (XXE) Lab: Brought To You by
Taha Khan
No ratings yet
Web Application Hacking & Security Program Guide
Document10 pages
Web Application Hacking & Security Program Guide
Zubair Ch
No ratings yet
Intro To IT Cybersecurity 2021 Syllabus and Outline
Document4 pages
Intro To IT Cybersecurity 2021 Syllabus and Outline
Andrea Bejarano
No ratings yet
Sem-6 Syllabus Information Technology (Mumbai University)
Document13 pages
Sem-6 Syllabus Information Technology (Mumbai University)
Ashish Lamba
No ratings yet
Advanced PHP and Mysql: Course Syllabus
Document8 pages
Advanced PHP and Mysql: Course Syllabus
Abc
100% (1)
LCEH Course Description
Document17 pages
LCEH Course Description
RedCodeLinux
No ratings yet
Syllabus and Outline Template
Document2 pages
Syllabus and Outline Template
Kartik Agrawal
No ratings yet
CCSK - Course - Content - v1 - InfosecTrain
Document10 pages
CCSK - Course - Content - v1 - InfosecTrain
Mousumi Utkarsh Ray
No ratings yet
Nikita Jain Internship Report
Document25 pages
Nikita Jain Internship Report
yuvraj.2024cs1076
No ratings yet
Java, J2EE, Hibernate, Struts 2.0, Angular 2.0, Web Services, SQL, ORACLE, ENOIVA, SFCC
Document3 pages
Java, J2EE, Hibernate, Struts 2.0, Angular 2.0, Web Services, SQL, ORACLE, ENOIVA, SFCC
Shivam Singh
No ratings yet
Privacy Program Management Syllabus and Outline
Document4 pages
Privacy Program Management Syllabus and Outline
bas6677
No ratings yet
Vaibhav Resume
Document3 pages
Vaibhav Resume
vaibhavcc
38% (8)
Cyber Network Security 1
Document29 pages
Cyber Network Security 1
Pasindu
No ratings yet
Tanuja Cisco
Document15 pages
Tanuja Cisco
Subham Negi
No ratings yet
Certified Information Systems Security Professional - CISSP
Document3 pages
Certified Information Systems Security Professional - CISSP
irfantrvl
No ratings yet
WsCube Tech - Ethical Hacking Certification (WS-CEH)
Document10 pages
WsCube Tech - Ethical Hacking Certification (WS-CEH)
Research fact
No ratings yet
About Us: Payment Details
Document5 pages
About Us: Payment Details
Jaideep Ojha
No ratings yet
00 ISM Blended Learning Session Plan For Student
Document24 pages
00 ISM Blended Learning Session Plan For Student
KUNAL PATEL
No ratings yet
All Courses - Certification in Cyber Security
Document23 pages
All Courses - Certification in Cyber Security
seemab.sikandar.khan
No ratings yet
Issyll6 PDF
Document20 pages
Issyll6 PDF
Bradley Garcia
No ratings yet
6 Sem
Document18 pages
6 Sem
Abubaker Siddique
No ratings yet
Cyber Security Curriculum Package
Document12 pages
Cyber Security Curriculum Package
Teshome Mogez
100% (1)
Weekly Overview of Internship Activities: 07/09/21 Tuesday
Document54 pages
Weekly Overview of Internship Activities: 07/09/21 Tuesday
Akshata Chavan
No ratings yet
Department Electives (DE)
Document75 pages
Department Electives (DE)
Kaushal Anand
No ratings yet
Management Information System Project: Plan and Database Design For LMS BBA IV-A (Evening)
Document15 pages
Management Information System Project: Plan and Database Design For LMS BBA IV-A (Evening)
umar afzal
No ratings yet
Course Syllabus Systems Security Certified Professional (SSCP)
Document3 pages
Course Syllabus Systems Security Certified Professional (SSCP)
Johnson Mukadi
No ratings yet
Manual Testing 1 2 Years Exp 2
Document3 pages
Manual Testing 1 2 Years Exp 2
srinivas reddy
No ratings yet
Brochure Web Pentest Training 2023
Document5 pages
Brochure Web Pentest Training 2023
Nurul Syahfikah
No ratings yet
20744C TrainerPrepGuide
Document8 pages
20744C TrainerPrepGuide
Erdem Enust
No ratings yet
Summer Training ON Web Development (BCA 508P) : Submitted By: Submitted To
Document30 pages
Summer Training ON Web Development (BCA 508P) : Submitted By: Submitted To
Anurag Tiwari
No ratings yet
WsCube Tech - Penetration Testing (WS-PEN) Course
Document6 pages
WsCube Tech - Penetration Testing (WS-PEN) Course
Research fact
No ratings yet
CRISC Syllabus
Document4 pages
CRISC Syllabus
Birhan
No ratings yet
Complete JAVA: Course Syllabus
Document14 pages
Complete JAVA: Course Syllabus
Raja
No ratings yet
Securing SQL Server: Protecting Your Database from Attackers
From Everand
Securing SQL Server: Protecting Your Database from Attackers
Denny Cherry
No ratings yet
Creating ASP.NET Core Web Applications: Proven Approaches to Application Design and Development
From Everand
Creating ASP.NET Core Web Applications: Proven Approaches to Application Design and Development
Dirk Strauss
No ratings yet
How To Build A Security Operations Center (On A Budget)
Document43 pages
How To Build A Security Operations Center (On A Budget)
DeathLord
No ratings yet
Information and Network Security Lab: Lab Mannual FOR VII SEMESTER Computer Science & Engineering
Document30 pages
Information and Network Security Lab: Lab Mannual FOR VII SEMESTER Computer Science & Engineering
Anitha Mc
No ratings yet
Cybersecurity and Human Rights in The Age of Cyberveillance
Document249 pages
Cybersecurity and Human Rights in The Age of Cyberveillance
dogeveneziano
100% (1)
Pigpen Cipher: A Q T Z
Document8 pages
Pigpen Cipher: A Q T Z
Muhammad Yusif Abdulrahman
No ratings yet
Intro To Akamai Guardicore Segmentation
Document15 pages
Intro To Akamai Guardicore Segmentation
Marcos Ronderos
No ratings yet
1.1.1.5 Lab - Cybersecurity Case Studies
Document3 pages
1.1.1.5 Lab - Cybersecurity Case Studies
yosia kristian
100% (1)
Privileged Access Management (PAM), What Does This Mean?
Document1 page
Privileged Access Management (PAM), What Does This Mean?
Said Ammar
No ratings yet
Study On Phishing Attacks: International Journal of Computer Applications December 2018
Document4 pages
Study On Phishing Attacks: International Journal of Computer Applications December 2018
James Bond
No ratings yet
Cyber Security Notes Unit 1
Document9 pages
Cyber Security Notes Unit 1
Reshma Basu
No ratings yet
Macro Assignment
Document14 pages
Macro Assignment
aviral agrohi
No ratings yet
Hacking - The Beginner's Complete Guide To Computer Hacking (2017) PDF
Document63 pages
Hacking - The Beginner's Complete Guide To Computer Hacking (2017) PDF
Konstantinos Alexiou
75% (4)
Hiab and Outscan Manage Users
Document12 pages
Hiab and Outscan Manage Users
brunosamaeian
No ratings yet
Cryptography CA2
Document11 pages
Cryptography CA2
Atreyi chattopadhyay
No ratings yet
EDS-405A Series - Moxa-Eds-405a-Series-Firmware-V3.11.rom - Software Release History PDF
Document17 pages
EDS-405A Series - Moxa-Eds-405a-Series-Firmware-V3.11.rom - Software Release History PDF
Miroslaw Labuda
No ratings yet
Battle Card Email Sec Vs Symantec PDF
Document5 pages
Battle Card Email Sec Vs Symantec PDF
Alonso Sal y Rosas
No ratings yet
Best Practices For MITRE ATTCK Mapping
Document20 pages
Best Practices For MITRE ATTCK Mapping
Eduardo Bezerra
No ratings yet
The Soter Group - 2020 Cyber Security Conference Calendar
Document23 pages
The Soter Group - 2020 Cyber Security Conference Calendar
The Soter Group, LLC
No ratings yet
Cisa Notes 2
Document40 pages
Cisa Notes 2
si lut li
No ratings yet
Internet Access Mangement: External Server Authentication
Document17 pages
Internet Access Mangement: External Server Authentication
nazri prop
No ratings yet
MTA Makeup Spring 2014 PDF
Document8 pages
MTA Makeup Spring 2014 PDF
Christina Fington
No ratings yet
Chapter 5 Fis
Document17 pages
Chapter 5 Fis
beshahashenafe20
No ratings yet
Ipsec: Tcp/Ip
Document12 pages
Ipsec: Tcp/Ip
Saptarshi Bhattacharjee
No ratings yet
Cisco PIX 501 Configuration
Document466 pages
Cisco PIX 501 Configuration
CuHelix
100% (1)
Cryptography and Network Security: Fourth Edition by William Stallings
Document27 pages
Cryptography and Network Security: Fourth Edition by William Stallings
Juli Andri
No ratings yet
E Business With Diagram
Document7 pages
E Business With Diagram
Jinson Varghese
No ratings yet
Story Map - Shriya Jain
Document1 page
Story Map - Shriya Jain
Vikin Jain
No ratings yet
Gnupg 2.0.9 - "Need Secret Key To Do This": Thread
Document4 pages
Gnupg 2.0.9 - "Need Secret Key To Do This": Thread
bacoo
No ratings yet
Self Password Reset Portal Document
Document7 pages
Self Password Reset Portal Document
Jinka Sreenath
No ratings yet
EJ743766
Document3 pages
EJ743766
supercellprodx007
No ratings yet