Penetration testing (also called pen testing) is the practice of testing a computer system, network or Web application to find vulnerabilities that an attacker could exploit.

Pen tests can be automated with software applications or they can be performed manually. Either way, the process includes gathering information about the target before the test (reconnaissance), identifying possible entry points, attempting to break in (either virtually or for real) and reporting back the findings.

The main objective of penetration testing is to determine security weaknesses. A pen test can also be used to test an organization’s security policy compliance, its employees’ security awareness and the organization’s ability to identify and respond to security incidents.

Security issues uncovered through the penetration test are presented to the system’s owner. Effective penetration tests will couple this information with an accurate assessment of the potential impacts to the organization and outline a range of technical and procedural countermeasures to reduce risks.

Chapter 1 - Web Architectures
Chapter 2 - Web Application Introduction
Chapter 3 - PHP-Basics
Chapter 4 - Sessions & Cookies
Chapter 5 - XSS Attacks
Chapter 6 - Advanced SQLI
Chapter 7 - Cross-Site Request Forgery
Chapter 8 - Session Hijacking
Chapter 9 - Web-based DDOS Attacks
Chapter 10 - PHP Injection
Chapter 11 - Web Based Worms
Chapter 12 - I-Frame based Web Attacks
Chapter 13 - Clickjacking
Chapter 14- Attack frameworks: AttackAPI & BeEF
Chapter 15 - Penetration testing on DVWA
Chapter 16 - Hacking Web Server
Chapter 17 - OWASP Top 10
Chapter 18 - Metasploit and Web Application
Chapter 19 - Reverse Engineering
Chapter 20 - Automated Bots
Chapter 21 - Phishing 2.0
Chapter 22 - Brute forcing Web Applications
Chapter 23 - Compliance Methodologies and legalities


Get Guidance from Expert Counselors
close slider