By Dawid Czagan, Top 10 Hacker at HackerOne
Web Hacker’s Toolbox: Tools Used by Successful Hackers
What you will learn
- Discover the tools used by successful hackers
- Learn step by step how to use these tools in practice (DEMOS)
- Find SQL injections in minutes with Sqlmap
- Detect security weaknesses with Google Hacking
- Do fuzzing with Burp Suite Intruder
- Exploit race conditions with OWASP ZAP
- Use these tools in your own penetration testing projects
- Learn from one of the top hackers at HackerOne
Course description
Ethical hackers and penetration testers need a very good toolbox to do their job efficiently. What’s more, they need to learn step by step how to use the tools from this toolbox and that’s exactly what I’ll present in this online training.
This self-paced online training is composed of 4 different courses:
1. How Hackers Find SQL Injections in Minutes with Sqlmap 2. Web Application Security Testing with Google Hacking 3. Fuzzing with Burp Suite Intruder 4. Exploiting Race Conditions with OWASP ZAP In the 1st course, I’ll demonstrate Sqlmap which is the most powerful tool for automated SQL injection detection and exploitation. In the 2nd course, I’ll present Google Hacking and I’ll show you how Google Hacking can be used to find security weaknesses in web applications. In the 3rd course, I’ll present fuzzing, which is a vulnerability detection technique used by many successful hackers, and I’ll demonstrate how to do fuzzing with Burp Suite Intruder. Finally, I’ll show you how to exploit race conditions with OWASP ZAP. Race conditions can lead to very dangerous attacks on modern web applications and this is exactly what I’ll demonstrate in course No. 4. This online training is about the tools used by successful hackers. That’s why I’ll present a lot of demos and I’ll show you step by step how to use these tools in practice. You’ll learn how to use these tools in your own penetration testing projects and you’ll also learn how to use them to protect your web applications.
Who this course is for:
* Penetration testers * Ethical hackers * Bug hunters * Security engineers / consultants
Requirements
- Basic hacking skills
Related Skills
Course overview - 33
Course #1: How Hackers Find SQL Injections in Minutes with Sqlmap
The Basics of Sqlmap – Overview
The Basics of Sqlmap – Demo
Dumping Database Table Entries – Overview
Dumping Database Table Entries – Demo
From SQL Injection to Remote Code Execution – Overview
From SQL Injection to Remote Code Execution – Demo
More Advanced Testing with Sqlmap – Overview
More Advanced Testing with Sqlmap – Demo
Bypassing Web Application Firewalls – Overview
Bypassing Web Application Firewalls – Demo
Summary: Sqlmap
Course #2: Web Application Security Testing with Google Hacking
Google Hacking: Finding Directory Listings
Google Hacking: Finding SQL Syntax Errors
Google Hacking: Finding Publicly Exposed Backup Files
Google Hacking: Finding Internal Server Errors
Google Hacking: Finding Sensitive Data in URLs
Google Hacking: Finding Insecure HTTP Web Pages
Google Hacking Database
Case Study: Microsoft Yammer Social Network
How to Prevent Google Indexing from Happening
Summary: Google Hacking
Course #3: Fuzzing with Burp Suite Intruder
Fuzzing with Burp Suite Intruder – Overview
Fuzzing for SQL Injection – Demo
Fuzzing for Path Traversal – Demo
Fuzzing with Burp Suite Intruder – Tips and Tricks
Course #4: Exploiting Race Conditions with OWASP ZAP
Exploiting Race Conditions – Case 1 (Part1)
Exploiting Race Conditions – Case 1 (Part2)
Exploiting Race Conditions – Case 2
Case Studies of Award-Winning Race Condition Attacks
Learners who have already enrolled in this course
Meet your instructor
Course by this author
- Dawid CzaganWeb Hacking Secrets: How to Hack Legally and Earn Thousands of Dollars at HackerOne6h 20m of content$999.99
