Course Brief
About this Course
This course covers essential website security practices and exploitation techniques. You will learn how to identify common vulnerabilities, perform attacks such as XSS, SQL injection, and CSRF, and gain hands-on experience securing websites against various threats. It also includes real-world demonstrations and tools used in ethical hacking.
Learn website security, exploit vulnerabilities, and safeguard web applications from attacks.
Eligibility
Requirements
- Basic knowledge of web technologies (HTML, JavaScript, CSS).
- Interest in ethical hacking and website security.
- A computer with internet access.
- Willingness to learn exploitation techniques and website defense.
Training Plan
Learning Roadmap
01
Foundation Studio: Introduction
- Practice introduction through a guided AI and data practice activity.
- Why This Course Is Important
- Practice course outline through a guided AI and data practice activity.
- Tips to Learn Hacking and Security
- Who Should Attend Summary
- Guided portfolio activity: Exercise 1
02
Practical Lab: Cross site Scripting XSS
- What is a Cross site Scripting XSS and prerequisites
- Types of Cross site Scripting XSS
- How to Find Cross site Scripting XSS with Dorks
- What is Get Post Method How to Convert Post
- What is Non Persistent XSS With Examples
- Non Persistent XSS Demonstration
- Persistent or Stored XSS with Demonstration
- What is DOM XSS with Demonstration
- How to Use Firefox Addons to Find a cross site scripting XSS
- Demonstration with Live Examples
- How to Secure a website From XSS and Important Points
- Guided portfolio activity: Exercise 2
03
Applied Workflow: SQL Injection
- Introduction to SQL Injection
- Types of SQL Injection(1)
- How to Find a SQL Injection (Demonstration)
- How to Find a SQL Injection with Google Dorks
- How to Find a SQL Injection With Havij
- How to Find a SQL Injection With sqlmap
- Blind SQL injection Demonstration How to Secure a Website
- Guided portfolio activity: Exercise 3
04
Professional Practice: Cross Site Request Forgery CSRF
- What is Cross site Request Forgery CSRF
- Cross Site Request Forgery CSRF Demonstration
- Demonstration With Live Examples
- How to Secure a Website From CSRF Vulnerabilities
- Guided portfolio activity: Exercise 4
05
Portfolio Sprint: HTTP Parameter Pollution
- What is HTTP Parameter Pollution
- Client and Server side HTTP Parameter Pollution
- HTTP Parameter Pollution Demonstration
- Security of HTTP Parameter Pollution
- How to Secure HTTP Parameter Pollution
- Guided portfolio activity: Exercise 5
06
Career Readiness: Parameter Manipulation
- What is Parameter Manipulation Types (Part A)
- What is Parameter Manipulation Types (Part B)
- Cookie Manipulation
- HTTP Header Manipulation
- Practice URL manipulation through a guided AI and data practice activity.
- Guided portfolio activity: Exercise 6
07
Foundation Studio: Secure Socket Layer SSL
- Practice what is SSL through a guided AI and data practice activity.
- Why SSL is important for Web Applications
- How To Find SSL and Secure a Web Application
- Guided portfolio activity: Exercise 7
08
Practical Lab: Remote File Inclusion RFI
- What is Remote File inclusion RFI
- How to Find Remote file inclusion RFI (Demonstration)
- How to Secure a Web Application From RFI
- Guided portfolio activity: Exercise 8
09
Applied Workflow: Directory Traversal Attack or LFI
- What is a Directory Traversal Attack or LFI
- How to Find Directory Traversal Attack or LFI
- Guided portfolio activity: Exercise 9
10
Professional Practice: Common Web Application Vulnerabilities
- What is Clickjacking with Demonstration
- What is URL Redirection
- How to Secure a Web application From URL Redirection
- Practice host header attack through a guided AI and data practice activity.
- Business Logic Flaw
- How a Hacker Uploads a Shell to a Web Application
- Guided portfolio activity: Exercise 10
11
Portfolio Sprint: WordPress Security - Learn How to Secure
- Introduction to WordPress Security
- WordPress Exploitation
- How to Secure WordPress
- Guided portfolio activity: Exercise 11
12
Career Readiness: Top Kali Linux Tools and Others
- Introduction to Kali Linux
- How to Install Kali Linux
- Kali Linux Demonstration (OWASP Zap, Maltego)
- How to use Joomla Security Scanner In Kali Linux
- How To Setup And Use Xerxes DOS Tool
- How to Use DirBuster (Part A)
- How to Use DirBuster (Part B)
- How to use dnsmap in Kali Linux
- How to use Uniscan web vulnerability
- How to use Vega Web Vulnerability Scanner
- How to Use a Netsparker Web Security Scanner
- How to Use an Acunetix Web Security Scanner
- Final Class of Security Scanner
- Guided portfolio activity: Exercise 12
13
Foundation Studio: Symlink
- Introduction to Symlink
- Practice manual symlink through a guided AI and data practice activity.
- Practice auto symlink through a guided AI and data practice activity.
- Guided portfolio activity: Exercise 13
14
Practical Lab: Additional Content (WiFi, Email, Facebook, and Android Hacking)
- Introduction to Android Hacking Security
- What is email spoofing with Demonstration
- What is a Phishing Attack Demonstration
- How to Hack a WiFi Password
- Guided portfolio activity: Exercise 14
15
Applied Workflow: Computer Hacking and Security
- Introduction to Computer Hacking (Darkcomet)
- How a Hacker Spreads a Virus, RAT, and Backdoor on Your Computer
- Complete Demonstration of Darkcomet
- Practice how to trace through a guided AI and data practice activity.
- How to Protect Your Computer
- Guided portfolio activity: Exercise 15
16
Portfolio Sprint: AI and Data Practice Review
- Review the major AI and data practice concepts through a guided recap.
- Organize class practice into a simple portfolio-ready workflow.
- Apply the learned process on a realistic task with instructor guidance.
- Prepare next-step notes for continued practice after course completion.
