Home > Developer > Web Develop
2012-2018 in the past few years, we ushered in the era of Big data, network environment, now more popular and popular! We are facing unprecedented challenges not only in our lives, but in our work.
These challenges include privacy leaks, information leaks, hacking, business espionage, and more. In addition to strengthening information security education, we also need to solve this kind of security problem technically.
With the generation of blockchain ideas, these years will be the network development breakthrough bottleneck of the transition zone, so yuntest deliberately launched on the network security of the course web security penetration.
for the crowd: Web security, programmers, system operations, SEO black hat, the masses
Training Format: a variety of courses tailored to your needs!
| Stage | Serial Number | Course Content |
|---|---|---|
| HTML Basics | ||
| First lesson | Base page base elements and font labels | |
| Lesson Two | Formatting font labels and hyperlink labels | |
| Lesson Three | IMG Tags and List labels | |
| Lesson Four | Form | |
| Fifth | Forms Common Labels | |
| Lesson Six | HTML framework | |
| Seventh lesson | HTML Media Tags | |
| DIV+CSS Foundation | ||
| First lesson | What is Div+css | |
| Lesson Two | Background | |
| Lesson Three | Text text | |
| Lesson Four | Box model | |
| Fifth | Block-level elements and row-level elements | |
| Lesson Six | Floating | |
| Seventh lesson | Positioning | |
| Eighth lesson | Pseudo class Selector | |
| Nineth Lesson | List | |
| Database Basics | ||
| First lesson | Basic operations of the database | |
| Lesson Two | Basic operation of the table | |
| Lesson Three | Data deletion and modification | |
| Lesson Four | Advanced Query One | |
| Fifth | Sub-query | |
| Lesson Six | Union self-connecting left and right link query | |
| Seventh lesson | Iformation_schema detailed understanding and SQL Injection Statement analysis | |
| Environment construction | ||
| First lesson | Penetration test Environment Construction | |
| Lesson Two | CentOS Installation Beef | |
| Lesson Three | Foreign VPS Build Metasploit_nmap_ Postgresql | |
| Penetration Testing Basics | ||
| First lesson | Penetration Testing | |
| Lesson Two | Common coding for penetration testing | |
| Protocol security | ||
| First lesson | HTTP protocol Detailed | |
| Lesson Two | The HTTP protocol cookie | |
| Lesson Three | Session of the HTTP protocol | |
| Lesson Four | HTTP protocol cookie and Session differences and vulnerability examples | |
| Lesson Five | Intranet roaming _ssocks Agent installation and intranet access | |
| Lesson Six | ARP spoofing with MITM (man-in-the-middle attack) | |
| Seventh lesson | ARP man-in-the-middle attack _ettercap_dns deception _https sniffing | |
| Eighth lesson | ARP man-in-the-middle attack _ettercap Text mode usage | |
| Vulnerability Testing | ||
| First lesson | SQL injection Php+mysql (Federated query injection) | |
| Lesson Two | SQL injection Php+mysql (time-lapse injection and Python injection tool writing) | |
| Lesson Three | SQL injection Php+mysql (written based on Boolean blind injection and Python injection tools) | |
| Lesson Four | SQL injection Php+mysql (read-write files and Secure_file_priv) | |
| Lesson Five | CSRF Cross-site forgery request | |
| Lesson Six | Three types of XSS vulnerabilities | |
| Seventh lesson | XXe Entity Injection | |
| Eighth lesson | Command execution vulnerability | |
| Nineth Lesson | file contains vulnerability | |
| Tenth lesson | Ultra vires vulnerability level ultra vires vertical ultra vires | |
| 11th lesson | SSRF server-side request forgery (with Python SSRF scanning using the authoring process) | |
| 12th Lesson | File Upload Vulnerability | |
| 13th lesson | Online Payment Vulnerability | |
| 14th Lesson | Password Retrieval Vulnerability | |
| 15th lesson | Verification Identification and bypass | |
| Enumeration blasting | ||
| First lesson | FTP and MySQL port password poor lift | |
| Lesson Two | Hydra Blasting various port services (MYSQL, RDP, SSH, MSSQL, STMP, POP3) | |
| Lesson Three | Background User Login Password Enumeration | |
| PHP Vulnerability Mining | ||
| First lesson | PHP audit Environment, audit tools, audit platform introduction and installation | |
| Lesson Two | Common code debugging functions and annotations in PHP code audit | |
| Lesson Three | The hyper-global variables involved in PHP code audits | |
| Lesson Four | PHP Code Audit Command Injection | |
| Lesson Five | PHP Code Audit Code Execution injection | |
| Lesson Six | PHP code Audit XSS-Reflective vulnerability | |
| Seventh lesson | PHP Code Audit XSS-Storage vulnerability | |
| Eighth lesson | PHP code audits are locally included with remote inclusions | |
| Nineth Lesson | PHP Code Audit SQL injection | |
| Tenth lesson | PHP Code Audit CSRF Cross-site request forgery | |
| 11th lesson | PHP code audit dynamic function execution and anonymous function execution | |
| 12th Lesson | PHP Code Audit unserialize Anti-Serialization vulnerability | |
| 13th lesson | PHP code audit Coverage Variable Vulnerability | |
| 14th Lesson | PHP Code Audit file Management Vulnerability | |
| 15th lesson | PHP code Audit File Upload Vulnerability | |
| 16th lesson | PHP Code Audit Combat Vulnerability Mining CMS Background Login Bypass Vulnerability | |
| 17th Lesson | PHP Code Audit Combat Vulnerability Mining CMS Background Login Bypass Vulnerability | |
| 18th Lesson | PHP Code Audit Combat XDCMS 0day Mining | |
| 19th Lesson | PHP Code Audit actual Combat phpmps Xday Vulnerability Mining | |
| 20th lesson | PHP Code Audit actual combat metinfo CMS overwrite Variable vulnerability mining | |
| 21st Lesson | PHP Code Audit actual combat phpcms2008 0day exploits Mining | |
| 22nd Lesson | PHP Code Audit actual combat phpcms2008 Foreground Code Execution Vulnerability Mining | |
| 23rd lesson | PHP Code Audit actual combat Qibo CMS pass kill exploit | |
| 24th Lesson | PHP Code Audit actual combat Qibo CMS access to kill XSS vulnerability mining | |
| 25th Lesson | PHP Code Audit Combat XDCMS 0day Mining | |
| 26th lesson | PHP Code Audit actual Combat phpmps Xday Vulnerability Mining | |
| 27th Lesson | PHP Code Audit Combat metinfo Variable Uninitialized continue Getshell vulnerability mining | |
| 28th Lesson | PHP Code Audit actual combat DEDECMS (Dream Management System) a strange hole mining | |
| 29th Lesson | PHP Code Audit actual combat csdjcms (Chengshi Dance website system) Vulnerability Mining | |
| 30th Lesson | PHP Code Audit actual combat csdjcms (Chengshi Dance website system) variable initialization Getshell Vulnerability mining | |
| 31st Lesson | PHP Code Audit actual combat csdjcms (Chengshi Dance website system) Front desk arbitrary getshell Vulnerability Mining | |
| Practical Tips | ||
| First lesson | Dark Month foreign infiltration + audit +exp | |
| Lesson Two | Dark Month foreign infiltration + audit + Bulk +exp+ large number of Webshell | |
| Lesson Three | Shell Environment compilation installation dsniff+ Sniffer demo | |
| Lesson Four | Shell Environment compilation installation Ettercap+ Sniffer demo | |
| Lesson Five | Configuring the Sqlmap in Shell mode | |
| Lesson Six | Install MySQL skip authorization form no password login | |
| Seventh lesson | Configuring the Epel Source one-click Installation Dsniff&etter/tdcap | |
| Eighth lesson | Rsyn Building and exploit | |
| Nineth Lesson | Redis Build and Exploit | |
| Tenth lesson | MongoDB installation Settings | |
| 11th lesson | MongoDB exploit and security settings | |
| 12th Lesson | MongoDB Tow Library and warehousing | |
| 13th lesson | Practical installation of the powerful OpenSSH back door | |
| 14th Lesson | GNU C Library Dynamic linker $ORIGIN Expansion Vulnerability (Power up CentOS) | |
| 15th lesson | Zabbix operation and Maintenance Vulnerability utilization | |
| 16th lesson | Zabbix Operational Vulnerability Utilization Two | |
| 17th Lesson | Instance infiltration WDCP to Linux Broiler | |
| 18th Lesson | Real-Batch WordPress | |
| 19th Lesson | Linux compile and install NC and use the application scenario | |
| 20th lesson | Git exploit (infiltrate a site) | |
| 21st Lesson | Memcached (infiltration of a site) | |
| 22nd Lesson | SVN exploits (infiltrate a site) | |
| 23rd lesson | PHPCMS authkey injection and background Getshell | |
| 24th Lesson | PHPCMS Latest Injection Utilization process | |
| 25th Lesson | Latest round Safety Dog injection | |
| 26th lesson | Latest Around Safe dog add user | |
| 27th Lesson | Linux MySQL UDF extract right | |
| 28th Lesson | Ecshop two injection utilization and the latest Getshell in the background | |
| 29th Lesson | Gourdscan distributed passive scan artifact configuration and use | |
| 30th Lesson | Joomla Anti-serialization Object Injection Vulnerability Batch Utilization | |
| 31st Lesson | Build belongs to self-shadowsocks multi-user version security, convenient, fast | |
| 32nd lesson | One-click Station Group Tool use | |
| 33rd lesson | thinkphp Cache Getshell Vulnerability | |
| SQLMAP Special Topics | ||
| First lesson | Installation and configuration of Sqlmap | |
| Lesson Two | Sqlmap Instructions for use | |
| Lesson Three | Sqlmap Inject access+asp website | |
| Lesson Four | Sqlmap Inject mysql+php website | |
| Lesson Five | Sqlmap Inject Mssql+asp.net website | |
| Lesson Six | Sqlmap Inject orcale+jsp website | |
| Seventh lesson | Sqlmap Cookie Injection site | |
| Eighth lesson | Sqlmap Post injection site | |
| Nineth Lesson | Sqlmap Login box to inject web site | |
| Tenth lesson | Sqlmap MySQL injection to website read and write operations | |
| 11th lesson | Sqlmap MySQL Interactive write shell and execute command | |
| 12th Lesson | Sqlmap Special Parameter explanation | |
| 13th lesson | SQLMAP Authentication Box Login Injection | |
| 14th Lesson | Sqlmap Quick Drag Library | |
| 15th lesson | Sqlmap pseudo Static injection | |
| 16th lesson | Sqlmap Security Dog Section bypass for WAF | |
| 17th Lesson | Sqlmap identify WAF and tamper using bypass WAF | |
| 18th Lesson | Sqlmap Agent and batch injection point detection | |
| 19th Lesson | Sqlmap Dump Database Full contents | |
| 20th lesson | Sqlmap--sql-query Utilization | |
| 21st Lesson | Sqlmap default modification (around WAF, water meter) | |
| Metasploit Special Topics | ||
| First lesson | Metasploit Introduction and Basic commands | |
| Lesson Two | Metasploit | |
| Lesson Three | Metasploit using a module to guess the service password | |
| Lesson Four | Metasploit Vulnerability Module Use | |
| Lesson Five | Metasploit Shellcode Use | |
| Lesson Six | Metasploit Persistent Control Installation Backdoor | |
| Seventh lesson | Metasploit Meterpreter Detailed introduction and use Bypass | |
| Eighth lesson | Metasploit meterpreter subsequent penetration module use | |
| Nineth Lesson | Metasploit Intranet Infiltration | |
| Tenth lesson | Metasploit multiple cross-routing infiltration Internal network | |
| 11th lesson | Metasploit_windows and Linux rights | |
| 12th Lesson | Metasploit_db_nmap For | |
| Over (WAF) firewalls | ||
| First lesson | ASPX bypasses IIS security dog continues to inject | |
| Lesson Two | Latest Bypass Security dog uploads | |
| Lesson Three | Chinese chopper (Chopper) bypasses dog safety interception | |
| Lesson Four | Over-Cloud lock injection | |
| Lesson Five | Bypass host Defender "upload" and "inject" | |
| Lesson Six | ASP continues injection around IIS security dog |
Enquiry : QQ2780217151
Price: Promotion Period 2000/person original price 2500/person
Teaching Form: Tutorial Encrypt a machine one-yard tutorial the tools used are included in the course.
Web Penetration Testing Course
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
