- Warranty
- 7 days
Description:
GIAC Web Application Penetration Tester (GWAPT)
SEC542 enables students to assess a web application's security posture and convincingly demonstrate the business impact should attackers exploit the discovered vulnerabilities. You will practice the art of exploiting web applications to find flaws in your enterprise's web apps. You'll learn about the attacker's tools and methods and, through detailed hands-on exercises, you will learn a best practice process for web application penetration testing, inject SQL into back-end databases to learn how attackers exfiltrate sensitive data, and utilize cross-site scripting attacks to dominate a target infrastructure.
Course Topics
- Interception Proxies
- ZAP (Zed Attack Proxy)
- BurpSuite Professional
- Common Vulnerabilities
- SSL/TLS Misconfigurations
- Username Harvesting
- Authorization Flaws (Direct Object Reference)
- Command Injection
- SQL Injection
- Cross-Site Scripting (XSS)
- Server-Side Request Forgery (SSRF)
- Insecure Deserialization
- XML External Entities (XXE)
- Local and Remote File Inclusion (LFI / RFI)
- Cross-Site Request Forgery (CSRF)
- Open-Source Intelligence (OSINT)
- Target Profiling
- Application Discovery
- Authentication and Authorization
- Session Management Flaws
- Automated Exploitation
Screenshots:
LEAVE A REVIEW FOR SUPPORT View attachment 2109
