Hacking Web Applications and Penetration Testing: Fast Start2018-12-08T21:40:13+00:00

Project Description

Hacking Web Applications and Penetration Testing: Fast Start

Learn main aspects of Ethical Web Hacking, Penetration Testing and prevent vulnerabilities with this course

Take this course

Set up a virtual environment to practice without affecting main systems
Install Kali Linux – a penetration testing Debian distro
Install virtual system which has vulnerable web applications
Basic terms, standards, services, protocols and technologies
HTTP protocol, requests and responses
Intercepting HTTP traffic using a personal proxy
Gather sensitive information in websites
Find known vulnerabilities using vulnerability database
Find known vulnerabilities using search engines
Google Hack Database (GHDB)
Discover unpublished directories and files associated with a target website
Input and output manipulation
Input and output validation approaches
Discover and exploit reflected XSS vulnerabilities
Discover and exploit stored XSS vulnerabilities
Discover DOM-based XSS vulnerabilities
Prevent XSS vulnerabilities
Discover and exploit SQL injection vulnerabilities, and prevent them
Bypass login mechanisms using SQL injections and login a website without password
Find more in a database using SQL injection vulnerabilities: databases, tables and sensitive data such as passwords
Discover & exploit blind SQL injections
Prevent SQL injections
Authentication methods and strategies
Bypass authentication mechanisms
Find unknown usernames and passwords: brute force & dictionary attacks
Launch a dictionary attack
Access unauthorized processes
Escalate privileges
Access sensitive data using path traversal attack
Session management mechanism
Impersonating victim by session fixation attack
Discover and exploit CSRF (Cross Site Request Forgery)

  • You should be familiar with web sites and general technology
  • You should have basic computer experience and knowledge

Welcome to the “Ethical Hacking Web Applications and Penetration Testing: Fast Start!” This course is for the beginners, so you don’t need to have a previous knowledge about hacking, penetration testing, or application development. You’ll learn how to “ethically” hack websites from scratch.

Since free tools and platforms are used, you don’t need to buy any tool or application.

You will have the hands-on practices to find out and exploit the most common vulnerabilities such as SQL injection, XSS (Cross Site Scripting) and CSRF (Cross Site Request Forgery).

Before starting to learn how to “ethically” hack a website, you’ll learn how to set up a lab environmentand install the needed virtual machines such as Kali Linux and OWASP Broken Web Applications. This will allow you to practice and hack “safely” without affecting your main systems.

Then, you’ll learn the basic termsstandardstechnologies and protocols of web applications: HTML, URL, HTTP etc.

When you’re ready to start hacking, you’re going to start with information gathering. In addition, you will learn how to use search engines to find out if there are known-vulnerabilities in the website. While discovering the website, you’ll analyse the configurations to understand if they cause any vulnerability.


Muharrem Aydın
Muharrem AydınComputer Engineer, Cyber Security Expert, IT Lawyer
After 10 years of software engineering experience with titles of software developer, product manager, and integration architect, I have been working in cyber security domain for last 10 years. I am not only a cyber security expert but also the head and kick-starter of a cyber security consultancy unit.

In security field, I have performed dozens of penetration tests for institutes from different sectors: finance, military, state agencies, and telcos.

I have consulted different companies in security field which includes global banks such as ING Bank, HSBC, CitiBank.

In addition, I am an adjunct instructor in a university and teaching cyber security for years.

I involved in technical areas and has taken responsibilities in:

Penetration tests (Pentests) and security audits
Cyber security training & consultancy
Source code analysis & secure software development
Cyber security incident response
Information security management system (ISMS) consultancy Open source cyber security systems, such as OpenVAS, OSSEC, OSSIM, Snort, Suricata, mod security
I’m creating my courses by using my know-how and 10 years of experience. As a result, our first course “Hacking Web Applications and Penetration Testing: Fast Start!” has gained “Best Seller” reputation in its category.

I have risen a lot of cyber security experts from scratch, and you are the next.

Courses and Services


Metropolitan Police, HSBC, University of Cambridge, Citibank, New York University and more

Contact Info

17 Green Lanes, London, England, N16 9BS

Phone: +44 20 3290 6271

Web: Hacker Academy

Recent Posts