Web Hacker's Toolbox - Tools Used by Successful Hackers

Web Hacker's Toolbox - Tools Used by Successful Hackers

Instructor: Packt - Course Instructors

Sponsored by Louisiana Workforce Commission

5 modules

Gain insight into a topic and learn the fundamentals.

Intermediate level

Recommended experience

4 hours to complete

3 weeks at 1 hour a week

Flexible schedule

Learn at your own pace

5 modules

Gain insight into a topic and learn the fundamentals.

Intermediate level

Recommended experience

4 hours to complete

3 weeks at 1 hour a week

Flexible schedule

Learn at your own pace

What you'll learn

Apply Sqlmap to find SQL injections within minutes
Analyze web applications to detect security weaknesses using Google Hacking
Execute fuzzing techniques with Burp Suite Intruder to uncover vulnerabilities
Demonstrate the exploitation of race conditions using OWASP ZAP

Details to know

Shareable certificate

Add to your LinkedIn profile

Assessments

3 assignments

Taught in English

See how employees at top companies are mastering in-demand skills

Learn more about Coursera for Business

Earn a career certificate

Add this credential to your LinkedIn profile, resume, or CV

Share it on social media and in your performance review

There are 5 modules in this course

Ethical hackers and penetration testers need an efficient toolbox and a step-by-step guide to use these tools effectively. This course covers:

- Sqlmap for SQL injection detection, - Google Hacking for identifying security weaknesses, - Fuzzing with Burp Suite Intruder. - How to exploit race conditions using OWASP ZAP. By the end of the course, you'll be equipped to use these tools in your penetration testing projects. The course is ideal for intermediate-level penetration testers, ethical hackers, bug hunters, and security engineers/consultants. It offers a practical, hands-on approach with real-world case studies and expert tips, enhancing your pentesting skills and aligning you with industry standards. Basic hacking skills are required; no installation videos are included.

In this module, we will provide a comprehensive overview of the course. You'll gain insights into what topics will be covered, how the course is structured, and the expected outcomes. This foundational knowledge will set the stage for your learning journey.

What's included

1 video

In this module, we will delve into the powerful tool, Sqlmap, used by hackers to find SQL injections quickly. You will learn the basics of Sqlmap through both theoretical overviews and practical demos, explore how to dump database entries, and understand the transition from SQL injection to remote code execution. Additionally, advanced testing techniques and methods to bypass web application firewalls will be covered.

What's included

12 videos

12 videosTotal 67 minutes

Introduction10 minutesPreview module
The Basics of Sqlmap - Overview6 minutes
The Basics of Sqlmap - Demo4 minutes
Dumping Database Table Entries - Overview2 minutes
Dumping Database Table Entries - Demo3 minutes
From SQL Injection to Remote Code Execution - Overview4 minutes
From SQL Injection to Remote Code Execution - Demo4 minutes
More Advanced Testing with Sqlmap - Overview7 minutes
More Advanced Testing with Sqlmap - Demo6 minutes
Bypassing Web Application Firewalls - Overview7 minutes
Bypassing Web Application Firewalls - Demo4 minutes
Summary5 minutes

In this module, we will explore Google Hacking, a method used to find security vulnerabilities in web applications through advanced search techniques. You will learn how to uncover directory listings, SQL syntax errors, exposed backup files, internal server errors, and sensitive data in URLs. Case studies and practical examples will illustrate these concepts, along with strategies to prevent Google indexing.

What's included

11 videos1 assignment

11 videosTotal 30 minutes

Introduction2 minutesPreview module
Google Hacking: Finding Directory Listings2 minutes
Google Hacking: Finding SQL Syntax Errors3 minutes
Google Hacking: Finding Publicly Exposed Backup Files2 minutes
Google Hacking: Finding Internal Server Errors2 minutes
Google Hacking: Finding Sensitive Data in URLs3 minutes
Google Hacking: Finding Insecure HTTP Web Pages3 minutes
Google Hacking Database2 minutes
Case Study: Microsoft Yammer Social Network1 minute
How to Prevent Google Indexing from Happening1 minute
Summary3 minutes

1 assignmentTotal 15 minutes

Assessment 115 minutes

In this module, we will cover the essentials of fuzzing and how to use Burp Suite Intruder for security testing. You will gain hands-on experience through demos on fuzzing for SQL injection and path traversal. Additionally, practical tips and advanced tricks will be shared to enhance your fuzzing techniques.

What's included

5 videos

In this module, we will explore the exploitation of race conditions using OWASP ZAP. Through detailed case studies, you will learn how attackers leverage multithreading conditions and reuse discount codes to steal money. The module includes in-depth discussions of award-winning race condition attacks, providing valuable insights into both offensive and defensive strategies.