Books & Videos

Table of Contents

Chapter: Introduction

The Course Overview

05m 58s

Understanding Web Application Penetration Testing Process

07m 50s

Typical Web Application Toolkit

06m 19s

Testing Environment

06m 15s

Chapter: Interacting with Web Applications

HTTP Protocol Basics

07m 10s

Anatomy of an HTTP Request

07m 56s

Interacting with Web Apps Using Requests Library

10m 24s

Analyzing the Responses

07m 22s

Chapter: Web Crawling with Scrapy

Web Application Mapping

03m 36s

Creating a Crawler with Scrapy

07m 56s

Recursive Crawling

03m 43s

Extracting Information

05m 23s

Chapter: Resources Discovery

What Is Resource Discovery?

04m 2s

Building Our First Brute Forcer

05m 25s

Analyzing the Results

05m 17s

Adding More Information

03m 54s

Taking Screenshots of the Findings

04m 15s

Chapter: Password Testing

How Password Attacks Work?

04m 56s

Our First Password Brute Forcer

04m 38s

Adding Support for Digest Authentication

04m 43s

Form-based Authentication

07m 8s

Chapter: Detecting and Exploiting SQL Injection Vulnerabilities

SQL Injection Vulnerability

04m 50s

Detecting SQL Injection Issues

08m 9s

Exploiting a SQL Injection to Extract Data

06m 0s

Advanced SQLi Exploiting

03m 55s

Chapter: Intercepting HTTP Requests

HTTP Proxy Anatomy

04m 7s

Introduction to mitmproxy

03m 53s

Manipulating HTTP Requests

06m 53s

Automating SQLi in mitmproxy

04m 38s

Wrapping Up

03m 55s