Hello and welcome to Web Based Ethical Hacking and Penetration Testing for Beginners. This course is an introduction to your career as a web security expert.

Internet is all around us. We have been using the facilities of internet since a long while and as the internet came in, the cyber-security threat also started to appear. You can hear stories of cyber-attacks day by day in news papers and media.

As the facilities, the easiness and the comfort of using internet based applications, even if its a web application or a mobile application which is using a cloud based API, the chances of getting a cyber attack has also been increased. It has been increased to such a level that we cannot even predict what happens the next day, because hackers are always alert and vigilant and they are looking for a loophole to get into an application and steal your information.

Like the saying ” A person knows how to break a lock, can make a good lock !” , because he knows the vulnerabilities, he knows the loop holes and that person can build a good secure application or he can guide the developer to build a good application which is almost secure and which does not have the loop holes that has already been discovered.

So being cyber security professionals or being cyber security enthusiasts , we will deal with the OWASP Top 10 vulnerabilities . OWASP is a community based project, that is Open Web Application Security Project. Periodically they will be updating their list of vulnerabilities. And in this Top 10 list of vulnerabilities we will be having a subset of other vulnerabilities which will be coming under this top 10 vulnerabilities. So we will cover almost 30 kind of most popular vulnerabilities in this course and these vulnerabilities are the common vulnerabilities that is currently in the Cyber World.

Once you get hold of these 30 vulnerabilities, you will be having enough confidence to test a web application or test a cloud based application in an API based application, a mobile application which is using a cloud based API. In every session I am giving you the mitigations, the defensive mechanisms that we can follow to avoid the vulnerability that we discussed in that particular session. So you will be able to suggest the defensive measures to the programmer or to the developer who is developing the web application.

Please make sure you are using these techniques only for Penetration Testing as well as Ethical Hacking and please do not use it for any other illegal purpose or any other un-ethical kind of things.

Cyber-security and Penetration Testing is a very lucrative career. This course is indented for Cyber Security Beginners, with an overview of basic web coding, interested to come into the cyber security world,and also, existing Testers, who are willing to go into the Penetration Testing. People who are interested in Ethical Hacking can also do this course.

In this course, we will be concentrating mainly on how Penetration Testing can be done on web based applications. And it can also be used for mobile based applications because most of the mobile based applications communicate with a cloud based API. The security of this API is actually the security of the mobile application which is using this API. And by the end of this course, we will be providing you with a course completion certificate on-demand, which you can include in your resume and it will be giving very high value to your current profile.

I promise that you are going to have a really thrilling experience doing Penetration Testing and Ethical Hacking. So see you soon in the class room.