How To Become Web Pentester And Reverse Engineer

Become a Web Pentester and Reverse Engineer

Learn everything you need to execute web application security assessments and Harness the Power of the Open-Source Radare2 for Your Reverse Engineering Projects.

What you’ll learn

• Why hacking is fun.
• Understand web security problems and how to fix them.
• How web applications work and how to find their security vulnerabilities.
• How professional penetration testing works.
• Get practical experience in exploiting web application vulnerabilities.
• Learn how to use Burp Suite in a web application penetration test.
• Learn the main functionality of Burp Suite, through examples.
• How to use Radare 2 to reverse engineer binary files.
• How to disassemble and navigate in a binary.
• How to debug and patch executables.

Requirements

• Students need to have a basic understanding of IT.
• Since we are using virtual machines in the course bundle, a user level understanding of VMWare or Virtualbox is required.
• An installed free edition of Burp Suite and the Owasp WebGoat. I will use the Kali Linux as my operating system, but that is optional.
• Basic understanding of the Linux terminal.
• Basic understanding of assembly.

Description

Web Pentester course bundle contains everything you need to know to start working as a web pentester: exploitation techniques, hacking tools, methodologies, the process of security assessments, and so on. You will have to work hard but at the end you will be able to perform web security assessments on your own, as a real ethical hacker.

The course is training by Geri Ravay. He works as a penetration tester in Germany. He said, “I am lucky to work with an extremely wide spectrum of technologies in my day job. I also talk at conferences, when I have the time. You can google my name.”

But why would you want to become a professional web penetration tester?

First of all because it is lot’s of fun, it is a very creative and exciting job. The security business is booming right now due to a serious shortage of penetration testers. As companies discover that they really have to invest in security, they face the problem that they cannot find qualified people and the problem just keeps growing. Because of that you can earn pretty well even as a white hat ethical hacker, there is no reason to go to the dark side.

“But most importantly I know how to become a penetration tester because I did it all by myself. I was a software quality engineer when I decided to change to pentesting. I took courses, training, read books.. to become pentester. When I designed this ethical hacking course bundle I tried to figure out what are the most important things you need, based on my own experience.”

“I analysed what I needed the most to become a pentester and also, when we hire somebody in our team, what skills we are looking for. I placed these topics in this course bundle. If you learn everything in this ethical hacking course bundle, I would be glad to work with you because I know that I can trust you with a web assessment.”, said Ravay.

The course bundle is absolutely hands on. We are going to hack real open source applications where you can try every technique and attack yourself. You will have to get your hands dirty. I will show you everything first and then you can keep experimenting and testing yourself.

Of course, this course is the essentials. In IT there are new systems and technologies born everyday and you will have to keep learning forever. Your knowledge will never be complete but that is good for two reasons:

• IT never gets boring, there will always be something interesting and new to learn.
• You will never be without a job. If you keep up with the developments there will always be something new to do.

So I hope I piqued you attention and you are ready to learn web application hacking and are ready to become an ethical hacker and reverse engineer.

This bundle will also help you master the Burp Suite. If you are already doing or planning to do any penetration testing, then it is 100% certain you will work with web applications. At this moment the Burp Suite is the most important tool for that. What you learn in this course bundle can be immediately used in web application assessments.

Learn the most important features of the Burp Suite:

• Hands-on exercises.
• Automating what you can.
• Efficient manual testing.

In this bundle you will also learn about the Radare 2 reverse engineering framework. It is an open source free alternative to IDA Pro. I started to work with it because I think nobody will buy IDA Pro (IDA Pro costs thousands of dollars) unless it is paid for by an employer.

Radare 2 is a perfect free alternative, the only disadvantage is that it could be hard to start with it.. This is where this course bundle comes in. My goal was to get you over the hard part as fast as possible so that you can get comfortable with Radare 2.

These are the things you will learn:

• Setting up Radare
• Understanding it’s syntax
• Understanding it’s configuration
• Information gathering about the binary
• Navigation in the binary
• Cross references
• Run-time debugging
• Patching the binary

However there are a few things that are not goals of this course bundle:

When we learn about reverse engineering we are going to focus on the Radare 2 itself and not on assembly. You can follow along without understanding everything in assembly and that is fine, but don’t expect to learn assembly in a few hours. This is not an assembly course.

We will learn some reverse engineering techniques but it is not our goal to learn everything.

Web Pentester course bundle is for:

• Developers who want to secure their web applications.
• People who want to become penetration testers.
• Penetration testers who want to extend their portfolio to web applications.
• This bundle is meant for people who have an intermediate understanding of how the web works. Preferably if you already work in IT or you study it, however, if you know what a HTTP request and response looks like, you should be fine.
• People who already know basic reverse engineering and want to learn how Radare2 can be used.
• Hackers looking for a free tool instead of IDA Pro. (IDA Pro costs thousands of dollars)

Following Courses Included with Purchase

• Learn Burp Suite
  How to make you web application testing easier and faster with the Burp Suite.
• Web Hacking: Become a Web Pentester
  Learn everything you need to execute web application security assessments.
• Reverse Engineering with Radare2
  Harness the Power of the Open-Source Radare2 for Your Reverse Engineering Projects.