Pentester_Academy_WAP_Challenges

This video course introduces Web Application Security Challenges. Web application security is very important, and this course covers discovering and fixing security challenges on the web.
This course is produced by PentesterAcademy.

Course topics:

  • Introduction to the challenges
  • Working with HTTP forms
  • Basic authentication
  • How basic authentication and form bruteforcing work
  • Introduction to authentication
  • How cracking works
  • How to analyze IDs
  • How to decrypt SSL
  • Introduction to HTTP forensics
  • Working with HTML
  • Introduction to the HTML Injection solutions
  • Working with XSS
  • Challenges of working with XSS
  • Solutions to the XSS challenges
  • Working with Google XSS
  • Introduction to the Google XSS challenges
  • Unvalidated redirects
  • How hashing works
  • Working with hashing
  • How encryption works
  • Working with security in applications
  • What is POST?
  • Introduction to CSRF
  • and…

Course title: PentesterAcademy WAP Challenges

Description:

We will be hosting interesting web application security challenges in this section for our students to try out. Challenges will be categorized into Beginner, Intermediate and Advanced Levels. We will either allow you to download Virtual Machines or point you to hosted sites which we have put up. 
In case you are new to web application security, please note that we have already started posting the videos of our Web Application Security Course. However, this section is independent of that course.

1 Section Introduction and Challenge 1
2 Challenge 1: Form Bruteforcing Solutions
3 Challenge 2: HTTP Form Attacks Reloaded
4 HTTP Basic Authentication Attack (Easy)
5 Basic Authentication and Form Bruteforcing (Intermediate)
6 Challenge 2: HTTP Form Attacks Reloaded Solution
7 HTTP Basic Authentication Attack - Solutions
8 Basic Authentication and Form Bruteforcing - Solutions
9 Challenge 5: Digest Authentication Attack
10 Challenge 6: Digest Authentication Reloaded
11 Challenge 5: Digest Authentication Attack Solutions
12 Challenge 6: Digest Authentication Reloaded Solutions
13 Challenge 7: Cracking Digest Authentication
14 Challenge 7: Cracking Digest Authentication Solution
15 Challenge 8: Broken Authentication
16 Challenge 8: Broken Authentication Solution
17 Challenge 9: Session ID Analysis
18 Challenge 9: Session ID Analysis Solution
19 Challenge 10: Session ID Analysis II
20 Challenge 11: Session ID Analysis III
21 Challenge 12: Decrypting SSL Traffic
22 Challenge 12: Decrypting SSL Traffic Solution
23 Challenge 10: Session ID Analysis II Solutions
24 Challenge 11: Session ID Analysis III Solution
25 Challenge 13: HTTP Forensics
26 Challenge 13: HTTP Forensics Solutions
27 Challenge 14: HTTP Traffic File Carving
28 Challenge 14: HTTP Traffic File Carving Solution
29 Challenge 15: HTTP Traffic File Carving II
30 Challenge 15: HTTP Traffic File Carving II Solutions
31 Challenge 16: HTML Injection
32 Challenge 17: HTML Injection II
33 Challenge 18: HTML Injection III
34 Challenge 19: HTML Injection IV
35 Challenge 16: HTML Injection Solution
36 Challenge 17: HTML Injection II Solution
37 Challenge 18: HTML Injection III Solution
38 Challenge 19: HTML Injection IV Solution
39 Challenge 20: XSS
40 Challenge 21: XSS II
41 Challenge 20: XSS Solution
42 Challenge 21: XSS II Solution
43 Challenge 22: XSS III
44 Challenge 23: XSS IV
45 Challenge 24: XSS V
46 Challenge 25: XSS VI
47 Challenge 26: XSS VII
48 Challenge 22: XSS III Solution
49 Challenge 23: XSS IV Solution
50 Challenge 24: XSS V Solution
51 Challenge 25: XSS VI Solution
52 Challenge 26: XSS VII Solution
53 Challenge 27: XSS VIII
54 Challenge 28: XSS IX
55 Challenge 27: XSS VIII Solution
56 Challenge 28: XSS IX Solution
57 Challenge 29: XSS X
58 Challenge 30: XSS XI
59 Challenge 29: XSS X Solution
60 Challenge 30: XSS XI Solution
61 Challenge 31: XSS XII
62 Challenge 32: XSS XIII
63 Challenge 31: XSS XII Solution
64 Challenge 32: XSS XIII Solution
65 Challenge 33: XSS 14
66 Challenge 33: XSS 14 Solution
67 Challenge 34: XSS 15
68 Challenge 34: XSS 15 Solution
69 Challenge 35: XSS 16
70 Challenge 35: XSS 16 Solution
71 Challenge 36: XSS 17
72 Challenge 36: XSS 17 Solution
73 Google XSS Challenge 1
74 Google XSS Challenge 2
75 Google XSS Challenge 3
76 Google XSS Challenge 4
77 Google XSS Challenge 5
78 Google XSS Challenge 6
79 Unvalidated Redirects: As Easy as it Gets
80 Unvalidated Redirects: Decode Me!
81 Unvalidated Redirects: Daisy Chains!
82 Unvalidated Redirects: Hashing
83 Unvalidated Redirects: Hash with a Predictable Salt
84 Unvalidated Redirects: As Easy as it Gets (Solution)
85 Unvalidated Redirects: Decode Me! (Solution)
86 Unvalidated Redirects: No Hints this Time!
87 Unvalidated Redirects: Salt is included FREE!
88 Unvalidated Redirects: Security through Obscurity!
89 Unvalidated Redirects: Daisy Chains! (Solution)
90 Unvalidated Redirects: Hashing (Solution)
91 Unvalidated Redirects: Hash with a Predictable Salt (solution)
92 Unvalidated Redirects: No Hints this Time! (solution)
93 Unvalidated Redirects: Salt is included FREE! (solution)
94 Unvalidated Redirects: Security through Obscurity (solution)
95 CSRF: If only all Pentests were this Easy!
96 CSRF: Not All Links are Clickable
97 CSRF: No he won't click your links!
98 CSRF: How about a POST?
99 CSRF: Would hate a predictable life!
100 CSRF: Mutual Exclusivity is Important for Secrecy!
101 CSRF: Wow! This just got hard!
102 CSRF: We only hire after Reference Checks!
103 CSRF: What's in a Name?
104 CSRF: Custom Code is Always a Target!
105 CSRF: O! Token Where do you hide?
106 CSRF: The Web is Cross Domain :)
107 CSRF: If only all Pentests were this Easy! (solution)
108 CSRF: Not All Links are Clickable (solution)
109 CSRF: No he won't click your links! (solution)
110 CSRF: How about a POST? (solution)
111 CSRF: Would hate a predictable life! (solution)
112 CSRF: Mutual Exclusivity is Important for Secrecy! (solution)
113 CSRF: Wow! This just got hard! (solution)
114 CSRF: We only hire after Reference Checks! (solution)
115 CSRF: What's in a Name? (solution)
116 CSRF: Custom Code is Always a Target! (solution)
117 CSRF: O! Token Where do you hide? (solution)
118 CSRF: The Web is Cross Domain :) (solution)
a SecurityTube.net initiative | Copyright 2013 © Binary Security Innovative Solutions

File size: 4GB