Make your applications attack-proof by penetration testing with Python
This course will walk you through the web application penetration testing methodology, showing you how to write your own tools with Python for every main activity in the process. It will show you how to test for security vulnerabilities in web applications just like security professionals and hackers do.
The course starts off by providing an overview of the web application penetration testing process and the tools used by professionals to perform these tests. Then we provide an introduction to HTTP and how to interact with web applications using Python and the Requests library. Then will follow the web application penetration testing methodology and cover each section with a supporting Python example. To finish off, we test these tools against a vulnerable web application created specifically for this course.
Stop just running automated tools—write your own and modify existing ones to cover your needs! This course will give you a flying start as a security professional by giving you the necessary skills to write custom tools for different scenarios and modify existing Python tools to suit your application’s needs.
Who this course is for
If you are a web developer who wants to step into the web application security testing world, this course will provide you with the knowledge you need in no time! If you are penetration tester or want to become one, this course will provide you with a skill set that will give you the edge on the market. Familiarity with Python is essential, but not to an expert level.
What you will learn from this course
- Understand the web application penetration testing methodology and toolkit
- Interact with web applications using Python and the Requests library
- Write a web crawler/spider with the Scrapy library
- Create an HTTP bruteforcer based on Requests
- Create a Password bruteforcer for Basic, NTLM, and Forms authentication
- Detect and exploit SQL injections vulnerabilities by creating a script all by yourself
- Intercept and manipulate HTTP communication using Mitmproxy