Google Dorking [FREE COURSE CONTENT]

In this video from our new Web app attacks and API hacking online course we will see how Google dorking works, and how it can be used when testing the security of web applications. Let's get right into it! 



The Internet is full of so many web applications, and no product is 100% perfect. Companies perform functional testing and stress testing to make sure they operate smoothly, but to ensure they are safe and secure you need security testing, through pentests and vulnerability assessments. This course is all about Web Application Penetration Testing and finding security holes in those applications.Through concepts, tools, and lots of practice you will train to find them and use them to make applications more secure. You will be able to use that knowledge in your everyday job, or utilize it to participate in bug bounty programs!

During the course, we will solve some CTF and other challenges available online as a bonus.

In the first module uf the course: 

In order to move along with the instructor, it is necessary for everyone to be on the same page. Therefore, setting up the lab and its usage is important. We will also have an overview of OWASP Top 10 and the OWASP Testing Guide to set the foundation for practical testing in later modules.

Covered topics: 

  • Kali Linux installation/ova file import
  • Importing the vulnerable machine prepared by the instructor
  • Setting up Burp Suite
  • OWASP Top 10 Overview
  • OWASP Testing Guide
  • HTTP and HTTPS for web application pentests
  • Setting up Burp and Zap to work against HTTPS and HTTP communication
  • Testing for HTTP methods
  • Response headers and what they mean
  • Testing using Burp and testing using Zap in practice
  • Differences between Burp and Zap
  • Combining Burp Community Edition and Zap to get results as if you were using Burp Pro
  • Google Dorking to find vulnerable domains instantly. Combining the dorks with tools to provide a better and faster result.
  • Wayback machine
  • All the different tools and techniques for finding subdomains

Related Posts

May 7, 2020
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013

Privacy Preference Center

Necessary

Cookies that are necessary for the site to function properly. This includes, storing the user's cookie consent state for the current domain, managing users carts to using the content network, Cloudflare, to identify trusted web traffic. See full Cookies declaration

gdpr, PYPF, woocommerce_cart_hash, woocommerce_items_in_cart, _wp_wocommerce_session, __cfduid [x2]

Marketing


tr, fr
ads/ga-audiences