Penetration Testing: Advanced Web Testing

Take your pen testing skills to the next level. Learn how to locate and exploit website vulnerabilities with Burp Suite, sqlmap, and more.

Introduction

• Protecting your websites
• What you should know before watching this course
• Disclaimer

1. Setting Up

• Preparing the test environment
• Setting up WordPress
• Setting up Joomla
• Online testing sites

2. Refresher

• A refresher on web technology
• Refreshing your basic web testing skills
• A refresher on website shell implants

3. Advanced Website Enumeration

• Busting open a website
• Identifying virtual websites
• More ways to find web pages

4. Finding Vulnerabilities

• Vulnerability scanning with Burp Suite
• Using sqlmap to validate SQL injections

5. Attacking the Website

• Exploiting your way into the gym
• Exploiting through an ASPX shell with Cadaver
• Checking web page source
• Injecting HTML into a web page
• Exploiting tools left on websites
• Injecting SQL using Burp Suite
• Exploiting Node.js
• Injecting XML into a web page
• File access through a web application URL

6. Content Management

• Understanding CMS targets
• Getting into WordPress
• Shelling through WordPress
• Exploiting Joomla via SQL

Conclusion

• What's next