Web Application Penetration Testing & SQL Injections

Learning outcomes from this course : Install hacking lab & needed software (works on Windows, OS X and Linux). Install windows & vulnerable operating systems as virtual machines for testing. Discover vulnerabilities & exploit them hack into servers. Hack & secure both WiFi & wired networks. Use many hacking tools such as Metasploit, Aircrack-ng, SQLmap.....etc. Hack secure systems using client-side and social engineering attacks. Learn Network Penetration Testing. Learn linux commands and how to interact with the terminal.Network basics & how devices interact inside a network. Gather detailed information about clients and networks like their OS, opened ports ...etc. Crack WEP/WPA/WPA2 encryptions using a number of methods. ARP Spoofing/ARP Poisoning. Gain control over computer systems using server side attacks. Create undetectable backdoors. Use social engineering to gain full control over target systems. Discover, exploit & fix local file inclusion vulnerabilities. Discover, fix, and exploit SQL injection vulnerabilities. Bypass login forms and login as admin using SQL injections.

Module 1 : You will learn extensive hands-on with installation and configuration of Virtualization and Kali Linux.


    • --              Introduction to Ethical Hacking and Pentesting
    • --              VMWare Installation
    • --              Installation of Kali Linux
    • --              Kali Linux Configuration and VMWare Tools
    • --              Introduction to Kali Linux
    • --              Concept of Operating Systems

      • Master your commandline skills to navigate and administer Kali Linux and Windows Command lines

                • --              Linux terminal basics
                • --              Kali Linux editors
                • --              Kali Linux administrative commands
                • --              Windows and Networking command

Prepare Your Lab


    • --              Changing IP address and setting up Wireless Adapter
    • --              Creating Bootable Kali USB
    • --              Important Networking Terms
    • --              Important Hacking Terms
    • --              Few Things to Do After Installing Kali Linux
    • --              Changing Our Mac Address - MacChanger

Footprinting


    • --              Google Hacking
    • --              Working with Nikto
    • --              DNS Footprinting
    • --              The Harvester
    • --              Shodan
    • --              Zone Transfer With Dig

    Scanning


      • --              Installing Metasploitable
      • --              Working with Nmap
      • --              Working with Zenmap
      • --              TCP scans
      • --              Nmap Bypassing Defences
      • --              Nmap Scripts

    Web Penetration Testing


      • --              Installing Owasp
      • --              HTTP request
      • --              HTTP Response
      • --              Burpsuite Configuration
      • --              Editing Packets in Burpsuite
      • --              Whatweb & Dirb
      • --              Password Recovery Attack
      • --              Burpsuite Login Bruteforce
      • --              Hydra Login Bruteforce
      • --              Session Fixation
      • --              Injection Attacks
      • --              Simple Command Injection
      • --              Exploiting Command Injection Vulnerability
      • --              Finding Blind Command Injection
      • --              Webpentest - Basics Of SQL
      • --              Manual SQL Injection
      • --              SQLmap basics
      • --              XML Injection
      • --              Installing XCAT and Preventing Injection Attacks
      • --              Reflected XSS
      • --              Stored XSS
      • --              Changing HTML Code with XSS

    SQL Injections Attacks


      • --              Introduction To SQL injection
      • --              SQL Injection To Google Dorks
      • --              SQL Mapping Via Kali Linux
      • --              Gathering Password And Cracking The Hash
      • --              Website Hacking - SQL Injections with Sqlmap
      • --              Tautologies Of SQL Injection
      • --              Discovering SQL Injection Error Based Discovery
      • --              Selective SQL Injection
      • --              Union Based SQL Injection
      • --              Timing Attacks Using SQL Injection
      • --              Reading Website Files With Hacking
      • --              Bypassing Authentication Using SQL Injection
      • --              Inserting Data Using SQL Injection
      • --              Cross Site Scripting XSS
      • --              Hacking Using SQL Map SQL Injection
      • --              Hacking Using Web Shell SQL Injection
      • --              Show Hidden Pages
      • --              Automate SQL Injection Attacks

    Wireless Attacks


      • --              Introduction to WEP and WPA
      • --              802 1X Standard
      • --              Wireless Cracking Overview
      • --              Wriless Cracking Via Kali Linux