Web applications provide an interface between end users and web servers through a set of web pages generated at the server end or that contain script code to be executed dynamically within the client Web browser.

Objective

The objective of this lab is to provide expert knowledge of web application vulnerabilities and web applications attacks such as:
Web Application Attacks
  • Parameter tampering
  • Directory traversals
  • Cross-Site Scripting (XSS)
  • Web Spidering
  • Cookie Poisoning and cookie parameter tampering
  • Securing web applications from hijacking

Scenario

A web application is an application that is accessed by users over a network such as the Internet or an intranet. The term may also mean a computer software application that is coded in a browser-supported programming language (such as JavaScript, combined with a browser-rendered markup language like HTML) and reliant on a common web browser to render the application executable.
 
Web applications are popular due to the ubiquity of web browsers, and the convenience of using a web browser as a client. The ability to update and maintain web applications without distributing and installing software on potentially thousands of client computers is a key reason for their popularity, as is the inherent support for cross-platform compatibility. Common web applications include webmail, online retail sales, online auctions, wikis and many other functions.
 
Web hacking refers to exploitation of applications via HTTP which can be done by manipulating the application via its graphical web interface, tampering the Uniform Resource Identifier (URI) or tampering HTTP elements not contained in the URI. Methods that can be used to hack web applications are SQL Injection attacks, Cross Site Scripting (XSS), Cross Site Request Forgeries (CSRF), Insecure Communications, etc.
 
As an expert Ethical Hacker and Security Administrator, you need to test web applications for cross-site scripting vulnerabilities, cookie hijacking, command injection attacks, and secure web applications from such attacks.

Hacking Web Applications Exercises

Ethical Hacking Exercises / Hacking Web ApplicationsĀ contains the following Exercises:

  • Hacking Web Applications
  • Website Vulnerability Scanning Using Acunetix WVS

The Virtual Private Cloud for this Lab set utilizes:


Ethical Hacking Exercises are available as part of the following subscription:

CEHproductimage

Each subscription provides 6 months access to over 75 Different Exercises. Each exercise contains a Scenario, Objectives, and individual step by step tasks to guide the user through all steps necessary to complete the exercise.

Lab exercises are included for:

  • Footprinting and Reconnaissance
  • Scanning Networks
  • Enumeration
  • System Hacking
  • Trojans and Backdoors
  • Viruses and Worms
  • Sniffers
  • Social Engineering
  • Denial of Service
  • Session Hijacking
  • Hacking Webservers
  • Hacking Web Applications
  • SQL Injection
  • Hacking Wireless Networks
  • Evading IDS, Firewalls and Honeypots
  • Buffer Overflow
  • Cryptography
Price: $199
Add to Cart
View Cart