WEB-200: Web Attacks with Kali Linux (OSWA)

Gain hands-on experience with industry-standard tools used by web application penetration testers

Introduction, Discovery, Exploitation and Case Study Learn how attackers inject malicious code into web pages to hijack user sessions, steal sensitive data, or deface websites

Discover how attackers trick authenticated users in web applications and learn how you can identify and exploit CSRF vulnerabilities

Misconfigurations Understand how to identify and fix CORS misconfigurations to keep your web applications safe

Discover the techniques that attackers use to steal sensitive information related to a web application’s database structure and how to stop them

Exploit vulnerabilities in web applications through SQL injections and learn techniques to prevent and mitigate SQL injection attacks

Learn how to identify and exploit directory traversal vulnerabilities and how you can prevent attackers from accessing restricted areas in your web servers

Learn how attackers user manipulate XML processors to exploit input vulnerabilities, how to secure your XML parsers, and to prevent XXE vulnerabilities in your web applications

Learn how to identify and exploit SSTI vulnerabilities and how you can protect your web applications from server-side template injections

Understand different SSRF attack vectors and how to implement countermeasures against them

Learn how attackers take advantage of command injection vulnerabilities and the potential impact on your system’s integrity. Practice identifying, exploiting, and mitigating command injection vulnerabilities

Learn how to handle object references in a secure manner to prevent attackers from accessing private data or performing unauthorized actions

Combine and expand different web application attack and assessment techniques you’ve learned throughout the course