Web Penetration Testing Course

Source: Internet
Author: User
Tags mssql mysql injection php website sql injection php


2018 Latest Web Penetration Testing course Introduction:


2012-2018 in the past few years, we ushered in the era of Big data, network environment, now more popular and popular! We are facing unprecedented challenges not only in our lives, but in our work.



These challenges include privacy leaks, information leaks, hacking, business espionage, and more. In addition to strengthening information security education, we also need to solve this kind of security problem technically.



With the generation of blockchain ideas, these years will be the network development breakthrough bottleneck of the transition zone, so yuntest deliberately launched on the network security of the course web security penetration.



for the crowd: Web security, programmers, system operations, SEO black hat, the masses








Training Format: a variety of courses tailored to your needs!








Training content:




Stage Serial Number Course Content
HTML Basics
First lesson Base page base elements and font labels
Lesson Two Formatting font labels and hyperlink labels
Lesson Three IMG Tags and List labels
Lesson Four Form
Fifth Forms Common Labels
Lesson Six HTML framework
Seventh lesson HTML Media Tags
DIV+CSS Foundation
First lesson What is Div+css
Lesson Two Background
Lesson Three Text text
Lesson Four Box model
Fifth Block-level elements and row-level elements
Lesson Six Floating
Seventh lesson Positioning
Eighth lesson Pseudo class Selector
Nineth Lesson List
Database Basics
First lesson Basic operations of the database
Lesson Two Basic operation of the table
Lesson Three Data deletion and modification
Lesson Four Advanced Query One
Fifth Sub-query
Lesson Six Union self-connecting left and right link query
Seventh lesson Iformation_schema detailed understanding and SQL Injection Statement analysis
Environment construction
First lesson Penetration test Environment Construction
Lesson Two CentOS Installation Beef
Lesson Three Foreign VPS Build Metasploit_nmap_ Postgresql
Penetration Testing Basics
First lesson Penetration Testing 
Lesson Two Common coding for penetration testing
Protocol security
First lesson HTTP protocol Detailed
Lesson Two The HTTP protocol cookie
Lesson Three Session of the HTTP protocol
Lesson Four HTTP protocol cookie and Session differences and vulnerability examples
Lesson Five Intranet roaming _ssocks Agent installation and intranet access
Lesson Six ARP spoofing with MITM (man-in-the-middle attack)
Seventh lesson ARP man-in-the-middle attack _ettercap_dns deception _https sniffing
Eighth lesson ARP man-in-the-middle attack _ettercap Text mode usage
Vulnerability Testing
First lesson SQL injection Php+mysql (Federated query injection)
Lesson Two SQL injection Php+mysql (time-lapse injection and Python injection tool writing)
Lesson Three SQL injection Php+mysql (written based on Boolean blind injection and Python injection tools)
Lesson Four SQL injection Php+mysql (read-write files and Secure_file_priv)
Lesson Five CSRF Cross-site forgery request
Lesson Six Three types of XSS vulnerabilities
Seventh lesson XXe Entity Injection
Eighth lesson Command execution vulnerability
Nineth Lesson file contains vulnerability
Tenth lesson Ultra vires vulnerability level ultra vires vertical ultra vires
11th lesson SSRF server-side request forgery (with Python SSRF scanning using the authoring process)
12th Lesson File Upload Vulnerability
13th lesson Online Payment Vulnerability
14th Lesson Password Retrieval Vulnerability
15th lesson Verification Identification and bypass
Enumeration blasting
First lesson FTP and MySQL port password poor lift
Lesson Two Hydra Blasting various port services (MYSQL, RDP, SSH, MSSQL, STMP, POP3)
Lesson Three Background User Login Password Enumeration
PHP Vulnerability Mining
First lesson PHP audit Environment, audit tools, audit platform introduction and installation
Lesson Two Common code debugging functions and annotations in PHP code audit
Lesson Three The hyper-global variables involved in PHP code audits
Lesson Four PHP Code Audit Command Injection
Lesson Five PHP Code Audit Code Execution injection
Lesson Six PHP code Audit XSS-Reflective vulnerability
Seventh lesson PHP Code Audit XSS-Storage vulnerability
Eighth lesson PHP code audits are locally included with remote inclusions
Nineth Lesson PHP Code Audit SQL injection
Tenth lesson PHP Code Audit CSRF Cross-site request forgery
11th lesson PHP code audit dynamic function execution and anonymous function execution
12th Lesson PHP Code Audit unserialize Anti-Serialization vulnerability
13th lesson PHP code audit Coverage Variable Vulnerability
14th Lesson PHP Code Audit file Management Vulnerability
15th lesson PHP code Audit File Upload Vulnerability
16th lesson PHP Code Audit Combat Vulnerability Mining CMS Background Login Bypass Vulnerability
17th Lesson PHP Code Audit Combat Vulnerability Mining CMS Background Login Bypass Vulnerability
18th Lesson PHP Code Audit Combat XDCMS 0day Mining
19th Lesson PHP Code Audit actual Combat phpmps Xday Vulnerability Mining
20th lesson PHP Code Audit actual combat metinfo CMS overwrite Variable vulnerability mining
21st Lesson PHP Code Audit actual combat phpcms2008 0day exploits Mining
22nd Lesson PHP Code Audit actual combat phpcms2008 Foreground Code Execution Vulnerability Mining
23rd lesson PHP Code Audit actual combat Qibo CMS pass kill exploit
24th Lesson PHP Code Audit actual combat Qibo CMS access to kill XSS vulnerability mining
25th Lesson PHP Code Audit Combat XDCMS 0day Mining
26th lesson PHP Code Audit actual Combat phpmps Xday Vulnerability Mining
27th Lesson PHP Code Audit Combat metinfo Variable Uninitialized continue Getshell vulnerability mining
28th Lesson PHP Code Audit actual combat DEDECMS (Dream Management System) a strange hole mining
29th Lesson PHP Code Audit actual combat csdjcms (Chengshi Dance website system) Vulnerability Mining
30th Lesson PHP Code Audit actual combat csdjcms (Chengshi Dance website system) variable initialization Getshell Vulnerability mining
31st Lesson PHP Code Audit actual combat csdjcms (Chengshi Dance website system) Front desk arbitrary getshell Vulnerability Mining
Practical Tips
First lesson Dark Month foreign infiltration + audit +exp
Lesson Two Dark Month foreign infiltration + audit + Bulk +exp+ large number of Webshell
Lesson Three Shell Environment compilation installation dsniff+ Sniffer demo
Lesson Four Shell Environment compilation installation Ettercap+ Sniffer demo
Lesson Five Configuring the Sqlmap in Shell mode
Lesson Six Install MySQL skip authorization form no password login
Seventh lesson Configuring the Epel Source one-click Installation Dsniff&etter/tdcap
Eighth lesson Rsyn Building and exploit
Nineth Lesson Redis Build and Exploit
Tenth lesson MongoDB installation Settings
11th lesson MongoDB exploit and security settings
12th Lesson MongoDB Tow Library and warehousing
13th lesson Practical installation of the powerful OpenSSH back door
14th Lesson GNU C Library Dynamic linker $ORIGIN Expansion Vulnerability (Power up CentOS)
15th lesson Zabbix operation and Maintenance Vulnerability utilization
16th lesson Zabbix Operational Vulnerability Utilization Two
17th Lesson Instance infiltration WDCP to Linux Broiler
18th Lesson Real-Batch WordPress
19th Lesson Linux compile and install NC and use the application scenario
20th lesson Git exploit (infiltrate a site)
21st Lesson Memcached (infiltration of a site)
22nd Lesson SVN exploits (infiltrate a site)
23rd lesson PHPCMS authkey injection and background Getshell
24th Lesson PHPCMS Latest Injection Utilization process
25th Lesson Latest round Safety Dog injection
26th lesson Latest Around Safe dog add user
27th Lesson Linux MySQL UDF extract right
28th Lesson Ecshop two injection utilization and the latest Getshell in the background
29th Lesson Gourdscan distributed passive scan artifact configuration and use
30th Lesson Joomla Anti-serialization Object Injection Vulnerability Batch Utilization
31st Lesson Build belongs to self-shadowsocks multi-user version security, convenient, fast
32nd lesson One-click Station Group Tool use
33rd lesson thinkphp Cache Getshell Vulnerability
SQLMAP Special Topics
First lesson Installation and configuration of Sqlmap
Lesson Two Sqlmap Instructions for use
Lesson Three Sqlmap Inject access+asp website
Lesson Four Sqlmap Inject mysql+php website
Lesson Five Sqlmap Inject Mssql+asp.net website
Lesson Six Sqlmap Inject orcale+jsp website
Seventh lesson Sqlmap Cookie Injection site
Eighth lesson Sqlmap Post injection site
Nineth Lesson Sqlmap Login box to inject web site
Tenth lesson Sqlmap MySQL injection to website read and write operations
11th lesson Sqlmap MySQL Interactive write shell and execute command
12th Lesson Sqlmap Special Parameter explanation
13th lesson SQLMAP Authentication Box Login Injection
14th Lesson Sqlmap Quick Drag Library
15th lesson Sqlmap pseudo Static injection
16th lesson Sqlmap Security Dog Section bypass for WAF
17th Lesson Sqlmap identify WAF and tamper using bypass WAF
18th Lesson Sqlmap Agent and batch injection point detection
19th Lesson Sqlmap Dump Database Full contents
20th lesson Sqlmap--sql-query Utilization
21st Lesson Sqlmap default modification (around WAF, water meter)
Metasploit Special Topics
First lesson Metasploit Introduction and Basic commands
Lesson Two Metasploit 
Lesson Three Metasploit using a module to guess the service password
Lesson Four Metasploit Vulnerability Module Use
Lesson Five Metasploit Shellcode Use
Lesson Six Metasploit Persistent Control Installation Backdoor
Seventh lesson Metasploit Meterpreter Detailed introduction and use Bypass
Eighth lesson Metasploit meterpreter subsequent penetration module use
Nineth Lesson Metasploit Intranet Infiltration
Tenth lesson Metasploit multiple cross-routing infiltration Internal network
11th lesson Metasploit_windows and Linux rights
12th Lesson Metasploit_db_nmap For 
Over (WAF) firewalls
First lesson ASPX bypasses IIS security dog continues to inject
Lesson Two Latest Bypass Security dog uploads
Lesson Three Chinese chopper (Chopper) bypasses dog safety interception
Lesson Four Over-Cloud lock injection
Lesson Five Bypass host Defender "upload" and "inject"
Lesson Six ASP continues injection around IIS security dog


Enquiry : QQ2780217151












Price: Promotion Period 2000/person original price 2500/person



Teaching Form: Tutorial Encrypt a machine one-yard tutorial the tools used are included in the course.



Web Penetration Testing Course


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.