Course 27 - Hacking Web Applications, Penetration Testing, CTF | Episode 13: Essential Web Application Penetration Testing and Scanning Tool

No se pudo agregar al carrito

Solo puedes tener X títulos en el carrito para realizar el pago.

Por favor prueba de nuevo más tarde

Por favor prueba de nuevo más tarde

Por favor prueba de nuevo más tarde

Por favor intenta de nuevo

Intenta nuevamente

Intenta nuevamente

Escúchala gratis

Ver detalles del espectáculo

In this lesson, you’ll learn about:

Web application penetration testing workflows, focusing on discovering hidden resources, identifying vulnerabilities, and validating security weaknesses in authorized testing environments.
Content discovery tools, including:
- DirBuster for dictionary-based directory and file enumeration.
- Dirb (often referenced similarly in labs) for brute-forcing hidden paths.
Vulnerability scanning utilities, such as:
- Nikto for detecting dangerous files, outdated services, and misconfigurations.
- WPScan for auditing WordPress installations, enumerating plugins, themes, and users.
Exploitation and injection testing tools, including:
- sqlmap for automating the detection and validation of SQL injection vulnerabilities.
- Wfuzz for fuzzing parameters, brute-forcing inputs, and discovering unlinked resources.
Reconnaissance and surface mapping tools, such as:
- Aquatone for generating visual attack surface maps via automated screenshots.
- CeWL for spidering websites to create targeted wordlists for testing.
Practical lab application, reinforcing hands-on usage to understand how these tools complement each other during reconnaissance, enumeration, and vulnerability validation phases.

You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy

Todavía no hay opiniones