Web Pentesting-(Web Security Vulnerabilities and Exploits)
From 44.57 Fr /h
Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical course has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications. You'll explore the various new technologies employed in web applications and review the latest attack techniques that have been developed, particularly in relation to the client side.
Extra information
I. Web Architecture:
1. What is a Server?
2. Types of Servers.
3. Networking Basics.
4. Web Servers.
5. Virtual terminal services.
6. “Client-Server” architecture.
7. Creating a simple HTML page.
8. Hyper Text Transfer Protocol.
9. Intercepting the “GET” request in “Burp Suite”.
10. Web Versions (Web 2.0).
11. Web Architecture (Front-end, Back-end and Database).
12. Cookies.
II. Web security vulnerabilities (Client-Side):
1. Web-Sockets security vulnerabilities.
2. Clickjacking (UI redressing).
3. Cross-Site Scripting (XSS).
4. Cross-Site Request Forgery (CSRF).
5. Cross-Origin Resource Sharing (CORS).
6. Document Object Model (DOM)-based vulnerabilities.
1. What is a Server?
2. Types of Servers.
3. Networking Basics.
4. Web Servers.
5. Virtual terminal services.
6. “Client-Server” architecture.
7. Creating a simple HTML page.
8. Hyper Text Transfer Protocol.
9. Intercepting the “GET” request in “Burp Suite”.
10. Web Versions (Web 2.0).
11. Web Architecture (Front-end, Back-end and Database).
12. Cookies.
II. Web security vulnerabilities (Client-Side):
1. Web-Sockets security vulnerabilities.
2. Clickjacking (UI redressing).
3. Cross-Site Scripting (XSS).
4. Cross-Site Request Forgery (CSRF).
5. Cross-Origin Resource Sharing (CORS).
6. Document Object Model (DOM)-based vulnerabilities.
Location
At teacher's location :
- جناح, Jnah, Lebanon
Online from Lebanon
About Me
- Collaborating as an Associate Researcher in Lab-STICC at ENSTA-Bretagne since April 2021 till present.
- Working as an Assistant professor in different universities (AUL, AUCE and MUBS) since Dec 2018 till present.
- Elected to the grade of "IEEE Senior Member" since Dec 2020.
- Enrolled as a Post-Doc in Lab-STICC at ENSTA-Bretagne (2019 - 2020).
- Obtained my Ph.D. degree in "Telecommunication" from "Ecole Nationale Supérieure de Techniques Avancées Bretagne (ENSTA-Bretagne)" (Brest, France) in Dec 2018.
- Worked as a Lecturer and Lab Instructor in the higher education field and delivered networking courses and ICT programs in classrooms and online courses (2006-2018).
- First author of several papers in prestigious international conferences and journals, such as the Journal of Engineering, IET Communication, and IEEE conferences.
- My current research focuses on: IoT, MIoT, IoT security, and Cyber Security.
- Working as an Assistant professor in different universities (AUL, AUCE and MUBS) since Dec 2018 till present.
- Elected to the grade of "IEEE Senior Member" since Dec 2020.
- Enrolled as a Post-Doc in Lab-STICC at ENSTA-Bretagne (2019 - 2020).
- Obtained my Ph.D. degree in "Telecommunication" from "Ecole Nationale Supérieure de Techniques Avancées Bretagne (ENSTA-Bretagne)" (Brest, France) in Dec 2018.
- Worked as a Lecturer and Lab Instructor in the higher education field and delivered networking courses and ICT programs in classrooms and online courses (2006-2018).
- First author of several papers in prestigious international conferences and journals, such as the Journal of Engineering, IET Communication, and IEEE conferences.
- My current research focuses on: IoT, MIoT, IoT security, and Cyber Security.
Education
- Ph.D. in Telecommunication, ENSTA-Bretagne, Brest-France (2018)
- Master of Science & Communication, Arts, Sciences and Technology University, Lebanon
(2010)
- Bachelor of Engineering, Damascus University, Syria (1997)
- Master of Science & Communication, Arts, Sciences and Technology University, Lebanon
(2010)
- Bachelor of Engineering, Damascus University, Syria (1997)
Experience / Qualifications
Teaching the following courses at different universities:
- Web Pentesting
- Cybersecurity
- Intro to Cybersecurity
- Technical Writing with Latex
- Research Methods
- Modeling IoT Networks
- Simulating IoT Networks
- Programming IoT Networks with Arduino
- Intro to IoT Networks
- Advanced Networks
- Technical Writing
- Networking Essentials
- CCNA Academic Courses & Labs
- Web Pentesting
- Cybersecurity
- Intro to Cybersecurity
- Technical Writing with Latex
- Research Methods
- Modeling IoT Networks
- Simulating IoT Networks
- Programming IoT Networks with Arduino
- Intro to IoT Networks
- Advanced Networks
- Technical Writing
- Networking Essentials
- CCNA Academic Courses & Labs
Age
Adults (18-64 years old)
Student level
Beginner
Intermediate
Duration
60 minutes
The class is taught in
English
Arabic
Reviews
Availability of a typical week
(GMT -05:00)
New York
At teacher's location and via webcam
Mon
Tue
Wed
Thu
Fri
Sat
Sun
00-04
04-08
08-12
12-16
16-20
20-24
Our course objectives are structured to cover three main areas: First, the students should understand the basic concepts of a simulator, second, they should understand how the TCP/IP protocol suite is modelled in OMNeT++ and third, they should understand how to analyse a TCP/IP based communication network. After the completion of exercises, the students are expected to have a sound knowledge of using OMNeT++ with the INET framework to analyse a communication network. Finally, the student will learn how to model different IoT networks in SimuLTE modeler.
This course provides an exploratory study of cybersecurity concepts, principles, and technologies. Major topics covered include cyber threats and vulnerabilities, information security frameworks, network infrastructure security, wireless network security, cryptography, defense-in-depth security strategy, information security policy, and security management.
Show more
Similar classes
Similar classes
Good-fit Instructor Guarantee
Contact Dr. Hani