This module is the introduction to the website penetration testing course
This module will teach you how to gather information about the target in order to attack it.
This module will teach you how to scan the web application for security flaws using various of tools.
This module will teach you about a vulnerability called SQL Injection
Cross Site Scripting
This module will teach you a very common vulnerability called Cross Site Scripting.
OS Command Injection
This module will teach you about a vulnerability called Command Injection.
LFI / RFI (Local & Remote File Inclusion)
This module will teach you how to test and attack LFI & RFI vulnerabilities.
IDOR (Insecure Direct Object Reference)
This module will teach you a vulnerability called Insecure Direct Object Reference (IDOR)
Why do websites get hacked?
Why Do Websites Get Hacked?
When a company thinks of an idea for a website or an app, they usually have time constraints to finish particular tasks.
They often want to get the website out before someone else comes up with the same idea before them.
So, very small businesses will often have lazy programmers that will implement vulnerable components or modules.
For large business’s like facebook, google, twitter, they will more than likely have hackers working for them fixing bugs.
Luckily there are programs called bug bounties that allow hackers to find vulnerabilities for top websites and report them, they have strict rules
if you find a vulnerability you cannot tell anyone about it but, when the vulnerability gets approved you can get quite a bit of money.
But this does not mean that the top websites like Facebook are 100% hack proof because they’re not.