×

Web Application Penetration Testing: Input Validation

Add to wishlistAdded to wishlistRemoved from wishlist 0
Add to compare+
Duration

49m

level

Intermediate

Course Creator

Dawid Czagan

Last Updated

22-Feb-24

In this course, you’ll learn how to test for input validation in web applications. The majority of attacks on web applications are related to improper input validation and that’s the reason why this subject is interesting for penetration testers.

Add your review

Improper input validation can lead to very severe consequences. In this course, Web Application Penetration Testing: Input Validation, you will learn how to test for input validation in modern web applications. First, you will learn about a cross-site scripting attack and AngularJS template injection. You will see how the attacker can steal a user’s password as a result of a cross-site scripting attack. I will also present how the attacker can proceed from AngularJS template injection to cross-site scripting. Next, you will explore XML external entity attacks and HTTP parameter pollution. You will see how the attacker can read the content of sensitive files from the web server as a result of an XML external entity attack. You will also see how the attacker can bypass authorization as a result of HTTP parameter pollution. Finally, you will discover SQL injection and Insecure Direct Object Reference. You will see how the attacker can bypass password verification as a result of SQL injection. You will also see how the attacker can gain unauthorized access to the account of another user as a result of Insecure Direct Object Reference. By the end of this course, you will know how to test for input validation in modern web applications and how to provide countermeasures for different types of attacks related to improper input validation.
Author Name: Dawid Czagan
Author Description:
Dawid Czagan is listed among the Top 10 Hackers by HackerOne. He has found security vulnerabilities in Google, Yahoo, Mozilla, Microsoft, Twitter, and other companies. Due to the severity of these bugs, he has received numerous awards for his findings. He has delivered security training courses at key industry conferences, such as Hack In The Box, CanSecWest, 44CON, Hack In Paris, DeepSec, BruCON, and for many corporate clients. His students include security specialists from Oracle, Adobe, Red H… more

Table of Contents

  • Course Overview
    2mins
  • Testing for Cross-Site Scripting and AngularJS Template Injection
    16mins
  • Testing for XML External Entity Attack and HTTP Parameter Pollution
    16mins
  • Testing for SQL Injection and Insecure Direct Object Reference
    15mins

User Reviews

0.0 out of 5
0
0
0
0
0
Write a review

There are no reviews yet.

Be the first to review “Web Application Penetration Testing: Input Validation”

Your email address will not be published. Required fields are marked *

Web Application Penetration Testing: Input Validation
Web Application Penetration Testing: Input Validation
Edcroma
Logo
Compare items
  • Total (0)
Compare
0
https://login.stikeselisabethmedan.ac.id/produtcs/
https://hakim.pa-bangil.go.id/
https://lowongan.mpi-indonesia.co.id/toto-slot/
https://cctv.sikkakab.go.id/
https://hakim.pa-bangil.go.id/products/
https://penerimaan.uinbanten.ac.id/
https://ssip.undar.ac.id/
https://putusan.pta-jakarta.go.id/
https://tekno88s.com/
https://majalah4dl.com/
https://nana16.shop/
https://thamuz12.shop/
https://dprd.sumbatimurkab.go.id/slot777/
https://dprd.sumbatimurkab.go.id/
https://cctv.sikkakab.go.id/slot-777/
https://hakim.pa-kuningan.go.id/
https://hakim.pa-kuningan.go.id/slot-gacor/
https://thamuz11.shop/
https://thamuz15.shop/
https://thamuz14.shop/
https://ppdb.smtimakassar.sch.id/
https://ppdb.smtimakassar.sch.id/slot-gacor/
slot777
slot dana
majalah4d
slot thailand
slot dana
rtp slot
toto slot
slot toto
toto4d
slot gacor
slot toto
toto slot
toto4d
slot gacor
tekno88
https://lowongan.mpi-indonesia.co.id/
https://thamuz13.shop/
https://www.alpha13.shop/
https://perpustakaan.smkpgri1mejayan.sch.id/
https://perpustakaan.smkpgri1mejayan.sch.id/toto-slot/
https://nana44.shop/
https://sadps.pa-negara.go.id/
https://sadps.pa-negara.go.id/slot-777/
https://peng.pn-baturaja.go.id/
https://portalkan.undar.ac.id/
https://portalkan.undar.ac.id/toto-slot/
https://penerimaan.ieu.ac.id/
https://sid.stikesbcm.ac.id/