Web Application Penetration Testing: Client-side Testing
By Prasad Salvi
Course info



Course info



Description
Hackers are getting access to your sensitive data by exploiting client-side vulnerabilities. In this course, Web Application Penetration Testing: Client-side Testing, you will gain the ability to perform different client-side attack techniques. First, you will learn Cross-Site Scripting (XSS) attacks. Next, you will discover how to test for HTML injection and URL redirects. Finally, you will learn how to test for Clickjacking attacks, testing local, and session storage. When you’re finished with this course, you will have the skills and knowledge of client-side testing needed to perform web application penetration testing and mitigate those attacks.
Section Introduction Transcripts
Course Overview
Hi everyone. My name is Prasad Salvi, and welcome to my course, Web Application Penetration Testing: Client‑side Testing. I'm an application security consultant and a penetration tester at one of the largest merchant acquiring and payment processing companies. Did you know threat actors are more focused on smaller and targeted attacks directed at web and client‑side applications? This can quickly compromise your critical assets and information. This course is designed to expand your knowledge on different clients‑side attack techniques. We will be attacking web applications through a hands‑on approach using different scripts and Burp Suite as our pen testing tool of choice. Some of the major topics that we will cover include: cross‑site scripting attack and its different types, client‑side redirect, HTML injection, clickjacking, and storage mechanisms. By the end of this course, you will know how to perform all these attack techniques at a comfortable and efficient level to better perform a job as a pen tester. Before beginning the course, you should be familiar with JavaScript, security testing basics, and Burp Suite Proxy. The beginner courses in our penetration testing learning path can quickly get you up to speed. I hope you'll join me on this journey to learn about different attack techniques with the Web Application Penetration Testing: Client‑side Testing course, at Pluralsight.