Course Overview

Learn how to hack web applications, automate your exploits in Python, and defend web applications against real-world attacks! For each vulnerability type, we dive into the technical details and then gain hands-on experience by solving labs that model real-world vulnerabilities.

The course covers the following server-side vulnerabilities:

  1. SQL Injection
  2. Authentication Vulnerabilities
  3. Directory Traversal
  4. Command Injection
  5. Business Logic Vulnerabilities
  6. Information Disclosure
  7. Access Control Vulnerabilities
  8. File Upload Vulnerabilities
  9. Server-Side Request Forgery (SSRF)
  10. XXE Injection

The course covers the following client-side vulnerabilities:

  1. Cross-Site Scripting (XSS)
  2. Cross-Site Request Forgery (CSRF)
  3. Cross-Origin Resource Sharing (CORS)
  4. Clickjacking
  5. DOM-based Vulnerabilities (Coming Soon)
  6. WebSocket Vulnerabilities (Coming Soon)

Course Prerequisites:

  • Basic knowledge of computers (i.e. how to use the internet).
  • Basic knowledge of web fundamentals (HTTP requests, methods, cookies, status codes, etc.).
  • Basic knowledge of Python scripting.




STUDENT TESTIMONIALS

"Absolutely amazing and detailed videos that break down what is going on and take you through the exploitation process. As well as the methodology for testing and how to automate the process afterwards, which is great if you are also wanting to learn some Python on the side. All while delivering it in an easy to follow and easy to understand way."

Harold W.


"This is great work, I like your explanation on these topics and the way you present them really sits well with the way I learn. Thanks for taking the time to put this together, it is really appreciated."

@theCyberLearner


"Your videos are really helpful for a beginner like me. With your step by step explanation approach, I am able to understand the topics and gained confidence towards more learning. Thank you for that."

COURSE CURRICULUM - 50+ HOURS



  Introduction
  Getting Help
  Lab Environment Setup
  SQL Injection
  Authentication Vulnerabilities
  Directory Traversal
  OS Command Injection
  Business Logic Vulnerabilities
  Information Disclosure
  Access Control Vulnerabilities
  File Upload Vulnerabilities
  Server-Side Request Forgery (SSRF)
  XXE Injection
  Cross-Site Scripting (XSS)
  Cross-Site Request Forgery (CSRF)
  Cross-origin Resource Sharing (CORS)
  Clickjacking
  What's Next?


ABOUT THE AUTHOR

Rana Khalil is a pentester currently working in the financial sector. She holds a Bachelor's and a Master's degree in Mathematics and Computer Science. Rana recently received the OSCP certification and is currently pursuing the OSWE certification. In her non-existent free time, you can find her posting HTB writeups on Medium, organizing study groups for the next certs she wants to pursue, and getting involved in the local cybersecurity community in Ottawa.


Follow Rana on Social Media:

LinkedIn: https://www.linkedin.com/in/ranakhalil1/

Twitter: https://twitter.com/rana__khalil

YouTube: https://www.youtube.com/channel/UCKaK-XPQAbznwIISC...

Medium: https://ranakhalil101.medium.com/





Frequently Asked Questions (FAQ)


What is the refund policy?

All students are entitled to a 14-day refund from the date of purchase of the course. Please follow the instructions outlined in this link to submit a refund request.


Will I receive a certificate of completion after I finish the course?

No, we currently do not provide a certificate of completion. The course is designed to help students prepare for PortSwigger's Burp Suite Certified Practitioner certification. Therefore, students are encouraged to enrol in the certification if they feel they are ready.


Does the course include subtitles?

No, the course currently does not include subtitles. However, I'm working hard to make that happen in the near future.


Does the One-Time Purchase option include all future updates to the course?

Yes, the one-time purchase option provides access to the course and all future updates to the course.


How is this course different from the videos on YouTube and Udemy?

This course contains the same videos as YouTube and Udemy. The difference is that this course contains all the videos, whereas YouTube contains only a portion of them, and on Udemy each module / topic of this course is a single course.

Registering in the course gives you the following benefits:

  1. Access to all the module / topic videos.
  2. Access to a private discord channel where you can ask me questions and collaborate with other students.
  3. Early access to any future videos and updates.