This course takes you through the complex world of full-stack web exploitation, focusing on real-world attack vectors used in modern web applications. You will begin with an overview of web security challenges and progress to advanced techniques such as bypassing Content Security Policy (CSP) with various methods. Each section provides practical demonstrations that showcase vulnerabilities found in popular web frameworks and libraries.
Web Hacking Expert - Full-Stack Exploitation Mastery
Instructor: Packt - Course Instructors
What you'll learn
Analyze how hackers can bypass Content Security Policy (CSP) in modern web applications.
Evaluate web applications' vulnerability to race condition attacks.
Apply techniques to identify HTTP parameter pollution, subdomain takeover, and clickjacking risks.
Details to know
3 assignments
October 2024
There are 6 modules in this course
In this module, we will introduce the course, outlining the major sections and the key concepts learners will explore. You will gain an understanding of how this course is structured to enhance your knowledge of web application security.
What's included
1 video
In this module, we will delve into various methods for bypassing Content Security Policy (CSP) in modern web applications. You will explore several techniques using ajax.googleapis.com, Flash files, polyglot files, and AngularJS to better understand the vulnerabilities CSP can introduce.
What's included
5 videos
In this module, we will explore the exploitation of web applications using PDFs, images, and links. Through practical examples, you will learn how token hijacking and XSS attacks work and how attackers manipulate user redirection, focusing on key vulnerabilities like tabnabbing.
What's included
7 videos, 1 assignment
In this module, we will investigate the vulnerabilities found in AngularJS applications. You will learn about template injection, $scope hacking, and how these weaknesses can be exploited by attackers. Additionally, we will explore techniques that go beyond $scope and demonstrate hacking static templates.
What's included
6 videos
In this module, we will explore the concept of race conditions in web applications and how attackers exploit them. Through case studies, including multithreading attacks to steal money and abuse discount codes, you will learn how race conditions create critical vulnerabilities in web systems.
What's included
5 videos
In this module, we will cover full-stack attacks on modern web applications, focusing on HTTP parameter pollution, subdomain takeovers, and account takeovers through clickjacking. You will gain hands-on experience with these critical vulnerabilities and learn mitigation strategies to protect web applications.
What's included
7 videos, 2 assignments