Ethical Hacking: Hacking Web Servers and Web Applications
1h 26mIntermediate2021-06-21
Authors

Malcolm Shore
Cybersecurity Expert, Former Director of GCSB
Course details
Websites and web applications are—by their very nature—accessible remotely, which puts them at high risk of cyberattacks. Knowing how to detect and prevent web attacks is a critical skill for developers and information security professionals alike. In this course, find out about existing and emerging web protocols and how to test your sites and applications for weaknesses. Cybersecurity expert Malcolm Shore examines the various parts of a web application and introduces the Open Web Application Security Project (OWASP), which provides documentation, tools, and forums for web developers and testers. He also provides an overview of popular testing tools, including Burp Suite and OWASP ZAP. Learn how to use these utilities to run basic and advanced tests, and protect sites against common attacks.
Skills covered
Security TestingCybersecurityCert Prep
Concepts
0. Introduction
- 01 - Testing to make sure your website is safe
- 02 - What you should know
- 03 - Disclaimer
1. Introduction to Web Servers
- 04 - Elements of web-based applications
- 05 - Dissecting the HTTP HTTPS protocol
- 06 - Moving on to WebSockets
- 07 - Looking at the Google QUIC protocol
- 08 - Understanding cookies
- 09 - Introducing HTML
- 10 - Visiting OWASP
2. Getting Ready to Test
- 11 - Introducing the Zero Bank
- 12 - Installing the WebGoat Server
- 13 - Introducing Burp Suite
- 14 - Scanning with ZAP
- 15 - Proxying with ZAP
- 16 - Introducing WebScarab
3. Running Basic Web Application Tests
- 17 - Fingerprinting web servers
- 18 - Looking for credentials in HTML code
- 19 - Using Cookie Jars
- 20 - Hijacking sessions with cookies
4. Advanced Web Application Tests
- 21 - Manipulating URL parameters
- 22 - Testing for SQL injections
- 23 - Cross-site scripting
- 24 - Injecting commands through the URL
- 25 - Testing with Uniscan
5. Practicing Your Skills
- 26 - Practicing with online banking websites
- 27 - Hacking the cheese
- 28 - Training in the Web Security Dojo
Conclusion
- 29 - Next steps
Related courses
Related learn paths
- Become an Ethical Hacker
- Become a Penetration Tester
- Penetration Testing Professional Certificate
- Advance Your JavaScript Skills
- Explore Cybersecurity Careers
- AI Regulations for Tech Leaders: The EU AI Act and More
- AI Regulations for Business Leaders: The EU AI Act and More
- Building AI Products: Implementing Responsible AI Professional Certificate by LinkedIn Learning