Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CodeSignal

Web Application Penetration Testing Basics

via CodeSignal

Overview

This course teaches practical penetration testing methodology using the pastebin as a target. You'll learn reconnaissance, vulnerability discovery, and exploitation using CLI tools like Nmap, mitmproxy, ffuf, and curl.

Syllabus

  • Unit 1: Introduction to Penetration Testing
    • Think Like an Attacker — Close the Information Leak
  • Unit 2: Reconnaissance with Nmap
    • Your First Network Scan
    • Complete the Comprehensive Port Scanner
    • Detect and Document Service Versions
    • Harden Your Express Server
    • Restrict Unwanted HTTP Methods
  • Unit 3: API Enumeration and Fuzzing
    • Your First Enumeration Scan
    • Signal Through the Noise
    • Beyond Automated Discovery
    • Tightening the Throttle
    • Covering All Angles
  • Unit 4: Traffic Interception Basics
    • Your First Traffic Interception
    • Targeting Critical Authentication Traffic
    • Capturing POST Request Body Data
    • Linking Responses to Request Sources
    • Defending Against Traffic Interception
  • Unit 5: Vulnerability Chaining Basics
    • Finding Your Attack Target
    • Probing the Search Endpoint
    • Building Your First Attack Chain
    • Escalating to Complete Credential Theft
    • Breaking the Vulnerability Chain

Reviews

Start your review of Web Application Penetration Testing Basics

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.