پیشنهاد فرادرس

چالش های امنیت اپلیکیشن های تحت وب

دسته بندی ها: آموزش شبکه ، آموزش طراحی وب ، آموزش های PentesterAcademy

pentesteracademy-wap-challenges

در این آموزش تصویری با چالش های امنیت اپلیکیشن های تحت وب (Web Application Security Challenges) آشنا می شوید. امنیت برنامه های تحت وب بسیار مهم است که این دوره به کشف و اصلاح چالش های امنیتی در وب می پردازد. این دوره آموزشی محصول موسسه PentesterAcademy است.

سرفصل های دوره:

  • معرفی چالش ها
  • کار با فرم HTTP
  • اعتبارسنجی اولیه
  • نحوه کار اعتبار اولیه و فرم های Bruteforcing
  • معرفی Authentication
  • نحوه کرک کردن
  • نحوه تجزیه و تحلیل ID
  • نحوه رمز گشایی SSL
  • معرفی HTTP Forensics
  • کار با HTML
  • معرفی راه حل  های HTML Injection
  • کار با XSS
  • چالش های کار با XSS
  • راه حل های چالش های XSS
  • کار با Google XSS
  • معرفی چالش های Google XSS
  • تغییرمسیر Unvalidated
  • نحوه Hashing
  • کار با Hashing
  • نحوه رمزنگاری
  • کار با امنیت در برنامه
  • POST چیست؟
  • معرفی CSRF
  • و...

عنوان دوره: PentesterAcademy WAP Challengesتوضیحات:

We will be hosting interesting web application security challenges in this section for our students to try out. Challenges will be categorized into Beginner, Intermediate and Advanced Levels. We will either allow you to download Virtual Machines or point you to hosted sites which we have put up. 
In case you are new to web application security, please note that we have already started posting the videos of our Web Application Security Course. However, this section is independent of that course.

1 Section Introduction and Challenge 1 Section Introduction and Challenge 1 2 Challenge 1: Form Bruteforcing Solutions Challenge 1: Form Bruteforcing Solutions 3 Challenge 2: HTTP Form Attacks Reloaded Challenge 2: HTTP Form Attacks Reloaded 4 HTTP Basic Authentication Attack (Easy) HTTP Basic Authentication Attack (Easy) 5 Basic Authentication and Form Bruteforcing (Intermediate) Basic Authentication and Form Bruteforcing (Intermediate) 6 Challenge 2: HTTP Form Attacks Reloaded Solution Challenge 2: HTTP Form Attacks Reloaded Solution 7 HTTP Basic Authentication Attack - Solutions HTTP Basic Authentication Attack - Solutions 8 Basic Authentication and Form Bruteforcing - Solutions Basic Authentication and Form Bruteforcing - Solutions 9 Challenge 5: Digest Authentication Attack Challenge 5: Digest Authentication Attack 10 Challenge 6: Digest Authentication Reloaded Challenge 6: Digest Authentication Reloaded 11 Challenge 5: Digest Authentication Attack Solutions Challenge 5: Digest Authentication Attack Solutions 12 Challenge 6: Digest Authentication Reloaded Solutions Challenge 6: Digest Authentication Reloaded Solutions 13 Challenge 7: Cracking Digest Authentication Challenge 7: Cracking Digest Authentication 14 Challenge 7: Cracking Digest Authentication Solution Challenge 7: Cracking Digest Authentication Solution 15 Challenge 8: Broken Authentication Challenge 8: Broken Authentication 16 Challenge 8: Broken Authentication Solution Challenge 8: Broken Authentication Solution 17 Challenge 9: Session ID Analysis Challenge 9: Session ID Analysis 18 Challenge 9: Session ID Analysis Solution Challenge 9: Session ID Analysis Solution 19 Challenge 10: Session ID Analysis II Challenge 10: Session ID Analysis II 20 Challenge 11: Session ID Analysis III Challenge 11: Session ID Analysis III 21 Challenge 12: Decrypting SSL Traffic Challenge 12: Decrypting SSL Traffic 22 Challenge 12: Decrypting SSL Traffic Solution Challenge 12: Decrypting SSL Traffic Solution 23 Challenge 10: Session ID Analysis II Solutions Challenge 10: Session ID Analysis II Solutions 24 Challenge 11: Session ID Analysis III Solution Challenge 11: Session ID Analysis III Solution 25 Challenge 13: HTTP Forensics Challenge 13: HTTP Forensics 26 Challenge 13: HTTP Forensics Solutions Challenge 13: HTTP Forensics Solutions 27 Challenge 14: HTTP Traffic File Carving Challenge 14: HTTP Traffic File Carving 28 Challenge 14: HTTP Traffic File Carving Solution Challenge 14: HTTP Traffic File Carving Solution 29 Challenge 15: HTTP Traffic File Carving II Challenge 15: HTTP Traffic File Carving II 30 Challenge 15: HTTP Traffic File Carving II Solutions Challenge 15: HTTP Traffic File Carving II Solutions 31 Challenge 16: HTML Injection Challenge 16: HTML Injection 32 Challenge 17: HTML Injection II Challenge 17: HTML Injection II 33 Challenge 18: HTML Injection III Challenge 18: HTML Injection III 34 Challenge 19: HTML Injection IV Challenge 19: HTML Injection IV 35 Challenge 16: HTML Injection Solution Challenge 16: HTML Injection Solution 36 Challenge 17: HTML Injection II Solution Challenge 17: HTML Injection II Solution 37 Challenge 18: HTML Injection III Solution Challenge 18: HTML Injection III Solution 38 Challenge 19: HTML Injection IV Solution Challenge 19: HTML Injection IV Solution 39 Challenge 20: XSS Challenge 20: XSS 40 Challenge 21: XSS II Challenge 21: XSS II 41 Challenge 20: XSS Solution Challenge 20: XSS Solution 42 Challenge 21: XSS II Solution Challenge 21: XSS II Solution 43 Challenge 22: XSS III Challenge 22: XSS III 44 Challenge 23: XSS IV Challenge 23: XSS IV 45 Challenge 24: XSS V Challenge 24: XSS V 46 Challenge 25: XSS VI Challenge 25: XSS VI 47 Challenge 26: XSS VII Challenge 26: XSS VII 48 Challenge 22: XSS III Solution Challenge 22: XSS III Solution 49 Challenge 23: XSS IV Solution Challenge 23: XSS IV Solution 50 Challenge 24: XSS V Solution Challenge 24: XSS V Solution 51 Challenge 25: XSS VI Solution Challenge 25: XSS VI Solution 52 Challenge 26: XSS VII Solution Challenge 26: XSS VII Solution 53 Challenge 27: XSS VIII Challenge 27: XSS VIII 54 Challenge 28: XSS IX Challenge 28: XSS IX 55 Challenge 27: XSS VIII Solution Challenge 27: XSS VIII Solution 56 Challenge 28: XSS IX Solution Challenge 28: XSS IX Solution 57 Challenge 29: XSS X Challenge 29: XSS X 58 Challenge 30: XSS XI Challenge 30: XSS XI 59 Challenge 29: XSS X Solution Challenge 29: XSS X Solution 60 Challenge 30: XSS XI Solution Challenge 30: XSS XI Solution 61 Challenge 31: XSS XII Challenge 31: XSS XII 62 Challenge 32: XSS XIII Challenge 32: XSS XIII 63 Challenge 31: XSS XII Solution Challenge 31: XSS XII Solution 64 Challenge 32: XSS XIII Solution Challenge 32: XSS XIII Solution 65 Challenge 33: XSS 14 Challenge 33: XSS 14 66 Challenge 33: XSS 14 Solution Challenge 33: XSS 14 Solution 67 Challenge 34: XSS 15 Challenge 34: XSS 15 68 Challenge 34: XSS 15 Solution Challenge 34: XSS 15 Solution 69 Challenge 35: XSS 16 Challenge 35: XSS 16 70 Challenge 35: XSS 16 Solution Challenge 35: XSS 16 Solution 71 Challenge 36: XSS 17 Challenge 36: XSS 17 72 Challenge 36: XSS 17 Solution Challenge 36: XSS 17 Solution 73 Google XSS Challenge 1 Google XSS Challenge 1 74 Google XSS Challenge 2 Google XSS Challenge 2 75 Google XSS Challenge 3 Google XSS Challenge 3 76 Google XSS Challenge 4 Google XSS Challenge 4 77 Google XSS Challenge 5 Google XSS Challenge 5 78 Google XSS Challenge 6 Google XSS Challenge 6 79 Unvalidated Redirects: As Easy as it Gets Unvalidated Redirects: As Easy as it Gets 80 Unvalidated Redirects: Decode Me! Unvalidated Redirects: Decode Me! 81 Unvalidated Redirects: Daisy Chains! Unvalidated Redirects: Daisy Chains! 82 Unvalidated Redirects: Hashing Unvalidated Redirects: Hashing 83 Unvalidated Redirects: Hash with a Predictable Salt Unvalidated Redirects: Hash with a Predictable Salt 84 Unvalidated Redirects: As Easy as it Gets (Solution) Unvalidated Redirects: As Easy as it Gets (Solution) 85 Unvalidated Redirects: Decode Me! (Solution) Unvalidated Redirects: Decode Me! (Solution) 86 Unvalidated Redirects: No Hints this Time! Unvalidated Redirects: No Hints this Time! 87 Unvalidated Redirects: Salt is included FREE! Unvalidated Redirects: Salt is included FREE! 88 Unvalidated Redirects: Security through Obscurity! Unvalidated Redirects: Security through Obscurity! 89 Unvalidated Redirects: Daisy Chains! (Solution) Unvalidated Redirects: Daisy Chains! (Solution) 90 Unvalidated Redirects: Hashing (Solution) Unvalidated Redirects: Hashing (Solution) 91 Unvalidated Redirects: Hash with a Predictable Salt (solution) Unvalidated Redirects: Hash with a Predictable Salt (solution) 92 Unvalidated Redirects: No Hints this Time! (solution) Unvalidated Redirects: No Hints this Time! (solution) 93 Unvalidated Redirects: Salt is included FREE! (solution) Unvalidated Redirects: Salt is included FREE! (solution) 94 Unvalidated Redirects: Security through Obscurity (solution) Unvalidated Redirects: Security through Obscurity (solution) 95 CSRF: If only all Pentests were this Easy! CSRF: If only all Pentests were this Easy! 96 CSRF: Not All Links are Clickable CSRF: Not All Links are Clickable 97 CSRF: No he won't click your links! CSRF: No he won't click your links! 98 CSRF: How about a POST? CSRF: How about a POST? 99 CSRF: Would hate a predictable life! CSRF: Would hate a predictable life! 100 CSRF: Mutual Exclusivity is Important for Secrecy! CSRF: Mutual Exclusivity is Important for Secrecy! 101 CSRF: Wow! This just got hard! CSRF: Wow! This just got hard! 102 CSRF: We only hire after Reference Checks! CSRF: We only hire after Reference Checks! 103 CSRF: What's in a Name? CSRF: What's in a Name? 104 CSRF: Custom Code is Always a Target! CSRF: Custom Code is Always a Target! 105 CSRF: O! Token Where do you hide? CSRF: O! Token Where do you hide? 106 CSRF: The Web is Cross Domain :) CSRF: The Web is Cross Domain :) 107 CSRF: If only all Pentests were this Easy! (solution) CSRF: If only all Pentests were this Easy! (solution) 108 CSRF: Not All Links are Clickable (solution) CSRF: Not All Links are Clickable (solution) 109 CSRF: No he won't click your links! (solution) CSRF: No he won't click your links! (solution) 110 CSRF: How about a POST? (solution) CSRF: How about a POST? (solution) 111 CSRF: Would hate a predictable life! (solution) CSRF: Would hate a predictable life! (solution) 112 CSRF: Mutual Exclusivity is Important for Secrecy! (solution) CSRF: Mutual Exclusivity is Important for Secrecy! (solution) 113 CSRF: Wow! This just got hard! (solution) CSRF: Wow! This just got hard! (solution) 114 CSRF: We only hire after Reference Checks! (solution) CSRF: We only hire after Reference Checks! (solution) 115 CSRF: What's in a Name? (solution) CSRF: What's in a Name? (solution) 116 CSRF: Custom Code is Always a Target! (solution) CSRF: Custom Code is Always a Target! (solution) 117 CSRF: O! Token Where do you hide? (solution) CSRF: O! Token Where do you hide? (solution) 118 CSRF: The Web is Cross Domain :) (solution) CSRF: The Web is Cross Domain :) (solution) a SecurityTube.net initiative | Copyright 2013 © Binary Security Innovative Solutions

حجم فایل: 4GB

به این نوشته امتیاز دهید 1 2 3 4 5 بدون امتیاز
Pentester Academy WAP Challenges

پیشنهاد فرادرس

ramin در 1395/08/06 ساعت 14:05

عالی عالی...خواهشن ادامه پیدا کنه