OffSec - WEB200

WEB-200: Foundational Web Application Assessments with Kali Linux(線上課程及認證考試方案)

WEB-200: Foundational Web Application Assessments with Kali Linux
  • 時數:0小時
  • 費用:NT$ 57,570
  • 點數:不適用企業點數

選擇查詢分區開課時間

地點 班號 日期 時間 預約

目前查無開課時段

詳細開課時間請洽詢業務
新竹、台中、高雄如有上課需求,請參考台北開課日期,洽當地服務人員依需求加開遠距開課日期

聯絡恆逸

教材

原廠電子教材

課程目標

Learn the foundations of web application assessments with Foundational Web Application Assessments with Kali Linux (WEB-200). Learners who complete the course and pass the exam will earn the OffSec Web Assessor (OSWA) certification and will demonstrate their ability to leverage web exploitation techniques on modern applications. This course teaches learners how to discover and exploit common web vulnerabilities and how to exfiltrate sensitive data from target web applications. Learners that complete the course will obtain a wide variety of skill sets and competencies for web app assessments.

線上課程方案介紹 (恆逸金銀卡會員另有優惠)

● Course & Cert Exam Bundle:NT57,570/一次性(含90天Lab與1次考試)

● Learn One: NT90,490/一年(含365天Lab與2次考試)

● Learn Unlimited:NT200,000/(含365天Lab與無限次考試)

適合對象

  1. Job roles like: Web Penetration Testers, Pentesters, Web Application Developers, Application Security Analysts, Application Security Architects, and SOC Analysts and other blue team members
  2. Anyone interested in expanding their understanding of Web Application Attacks, and/or Infra Pentesters looking to broaden their skill sets and Web App expertise

預備知識

  1. WEB-100: Web Application Basics
  2. WEB-100: Linux Basics 1 & 2
  3. WEB-100: Networking Basics

課程內容

  1. Introduction to WEB200
  2. Tools
  3. Cross-Site Scripting Introduction and Discovery
  4. Cross-Site Scripting Exploitation and Case Study
  5. Cross-Origin Attacks
  6. Introduction to SQL
  7. SQL Injection
  8. Directory Traversal Attacks
  9. XML External Entities
  10. Server-side Template Injection - Discovery and Exploitation
  11. Command Injection
  12. Server-side Request Forgery
  13. Insecure Direct Object Referencing
  14. Assembling the Pieces: Web Application Assessment Breakdown

學會技能

  1. Enumerate web applications and four common database management systems
  2. Manually discover and exploit common web application vulnerabilities
  3. Go beyond alert() and actually exploit other users with cross-site scripting
  4. Exploit six different templating engines, often leading to RCE

備註事項

報名請上OffSec全系列線上課程平台

推薦課程