OpenCourser brand icon
Sign in
We may earn an affiliate commission when you visit our partners.
Pluralsight logo

Web App Pen Testing

Mapping

Tim Tomes

Understanding the target is a critical component of any offensive operation. This course will teach you how to gain a thorough understanding of web applications in order to maximize the potential for vulnerability discovery.

Read more

Understanding the target is a critical component of any offensive operation. This course will teach you how to gain a thorough understanding of web applications in order to maximize the potential for vulnerability discovery.

Understanding web applications from a user’s perspective is critical to establishing a foundation for vulnerability discovery. In this course, Web App Pen Testing: Mapping, you’ll learn how to analyze applications from a user's perspective to gain a thorough understanding of why and how applications are built while simultaneously resolving known attack surfaces. First, you’ll learn to create site maps through manual and automated techniques while gaining a functional understanding of applications. Next, you’ll explore techniques for identifying technologies implemented on both the server and client-side of applications. Finally, you’ll learn about architectural design patterns, how they affect the Web App Pen Testing methodology, and how to determine the pattern applied to build an application. When you’re finished with this course, you’ll have the skills and knowledge of Mapping web applications needed to maximize the potential for vulnerability discovery in the next step of the methodology.

Enroll now

Here's a deal for you

We found an offer that may be relevant to this course.
Save money when you learn. All coupon codes, vouchers, and discounts are applied automatically unless otherwise noted.
Valid for a limited time only
Future-proof your career
Access O'Reilly books, live events, courses, and more. Save with an annual subscription.
Take
15%
off

What's inside

Syllabus

Course Overview
Methodology: Mapping
Mapping: Manual Crawling
Mapping: Automated Crawling
Read more
Mapping: Identifying Implemented Technologies
Mapping: Architectural Design Patterns

Good to know

Know what's good
, what to watch for
, and possible dealbreakers
Suitable for professionals seeking a deeper understanding of web application vulnerability discovery
Provides a solid foundation for beginners seeking to establish a foundation in web application testing
Led by Tim Tomes, an experienced expert in the field
May not be suitable for learners with no prior knowledge in web application testing
Requires manual crawling, which can be time-consuming

Save this course

Save Web App Pen Testing: Mapping to your list so you can find it easily later:
Save

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Web App Pen Testing: Mapping with these activities:
Review basic web application concepts
Familiarize yourself with key concepts and terminology related to web applications.
Browse courses on Web Application Development
Show steps
  • Review lecture notes and online resources on web application fundamentals.
  • Create a simple web application to practice building pages and handling user input.
Compile Web Application Pentesting Resources
Enhance your understanding of web applications by gathering and organizing materials relevant to the course.
Show steps
  • Identify and collect online resources, articles, and documentation on web application security.
  • Review and select the most valuable resources that provide insights into mapping techniques.
  • Organize the resources into a comprehensive compilation, categorized by topic or relevance.
  • Regularly update the compilation with new and relevant materials.
Follow tutorials on mapping web applications
Gain practical experience in mapping web applications using industry-standard tools and techniques.
Show steps
  • Identify and follow online tutorials on web application mapping.
  • Use tools such as Burp Suite or OWASP ZAP to practice mapping.
  • Experiment with different mapping techniques and compare results.
Nine other activities
Expand to see all activities and additional details
Show all 12 activities
Follow a tutorial on web application mapping
Strengthen your understanding of mapping techniques by following a guided tutorial.
Show steps
  • Find a tutorial on web application mapping
  • Follow the tutorial step-by-step
  • Take notes on the techniques that are used
  • Apply the techniques to a real-world web application
Web Mapping Exercises
Develop practical mapping skills by engaging in hands-on exercises.
Browse courses on Web Mapping
Show steps
  • Select a target website for mapping.
  • Use manual techniques to crawl the website and create a site map.
  • Utilize automated crawling tools to compare and refine the site map.
  • Analyze the results to identify potential attack surfaces.
Discuss web application mapping techniques with peers
Engage with other students to share knowledge, compare experiences, and reinforce understanding of mapping techniques.
Show steps
  • Join or create a study group or online forum focused on web application mapping.
  • Participate in regular discussions, ask questions, and share insights.
  • Collaborate on mapping projects or exercises.
Practice identifying web application technologies
Develop the ability to quickly and accurately identify the technologies used in a web application.
Show steps
  • Use online tools and resources to learn about common web application technologies.
  • Practice identifying technologies by examining websites and HTTP headers.
  • Participate in online challenges or competitions to test your skills.
Practice identifying web application architectural design patterns
Reinforce your understanding of architectural design patterns by applying them to real-world web applications.
Browse courses on Architectural Design Patterns
Show steps
  • Find a web application to practice with
  • Identify the different components of the application
  • Map out the flow of data between the components
  • Identify the architectural design pattern(s) that are being used
  • Write a brief summary of your findings
Build a simple web application from scratch
Solidify your understanding of web application mapping by applying it to the development of your own project.
Show steps
  • Choose a simple web application idea
  • Design the architecture of the application
  • Map out the data flow between the components
  • Implement the application
  • Test the application
Create a web application mapping report
Apply your mapping skills to create a comprehensive report that identifies and describes the attack surfaces of a web application.
Browse courses on Web Application Security
Show steps
  • Select a web application and perform a thorough mapping exercise.
  • Document your findings, including identified vulnerabilities and potential risks.
  • Create a report that clearly presents your results and analysis.
Attend a web application mapping workshop
Gain hands-on experience and learn advanced techniques for mapping web applications from industry experts.
Browse courses on Web Application Security
Show steps
  • Identify and register for a reputable web application mapping workshop.
  • Attend the workshop, actively participate, and ask questions.
  • Apply the knowledge and skills gained to your own web application mapping projects.
Contribute to an open-source web application mapping tool
Deepen your understanding of mapping techniques and contribute to the broader web application security community.
Browse courses on Open Source Software
Show steps
  • Identify an open-source web application mapping tool and explore its codebase.
  • Suggest improvements or new features based on your knowledge of mapping techniques.
  • Create pull requests or contribute code to enhance the tool's capabilities.

Career center

Learners who complete Web App Pen Testing: Mapping will develop knowledge and skills that may be useful to these careers:
Web Application Security Analyst
Web Application Security Analysts are responsible for protecting web applications from unauthorized access, use, disclosure, disruption, modification, or destruction. They do this by identifying and assessing security risks, vulnerabilities, and threats; developing and implementing security solutions; and monitoring and responding to security incidents. The Web App Pen Testing: Mapping course will help build a foundation for understanding how to analyze applications from a user's perspective to gain a thorough understanding of why and how applications are built while simultaneously resolving known attack surfaces.
See salaries and explore the career path for Web Application Security Analyst
Cybersecurity Analyst
Cybersecurity Analysts are responsible for protecting an organization's computer networks and systems from unauthorized access, use, disclosure, disruption, modification, or destruction. They do this by identifying and assessing security risks, vulnerabilities, and threats; developing and implementing security solutions; and monitoring and responding to security incidents. The Web App Pen Testing: Mapping course will help build a foundation for understanding how to analyze applications from a user's perspective to gain a thorough understanding of why and how applications are built while simultaneously resolving known attack surfaces.
See salaries and explore the career path for Cybersecurity Analyst
Information Security Analyst
Information Security Analysts are responsible for protecting an organization's information assets. They do this by identifying and assessing security risks, vulnerabilities, and threats; developing and implementing security solutions; and monitoring and responding to security incidents. The Web App Pen Testing: Mapping course will help build a foundation for understanding how to analyze applications from a user's perspective to gain a thorough understanding of why and how applications are built while simultaneously resolving known attack surfaces.
See salaries and explore the career path for Information Security Analyst
Network Security Engineer
Network Security Engineers help keep organizations' networks secure. They do this through a variety of tasks, including designing, implementing, and maintaining security solutions; monitoring networks for suspicious activity; and responding to security incidents. The Web App Pen Testing: Mapping course can be an asset to those in this field because it helps build a foundation for understanding how to analyze applications from a user's perspective to gain a thorough understanding of why and how applications are built while simultaneously resolving known attack surfaces.
See salaries and explore the career path for Network Security Engineer
Full-Stack Developer
Full Stack Developers are responsible for both the front-end and back-end development of websites and web applications. They work with clients to understand their needs and then create websites and applications that meet those needs. The Web App Pen Testing: Mapping course may be useful for those in this field.
See salaries and explore the career path for Full-Stack Developer
Web Developer
Web Developers are responsible for designing, developing, and maintaining websites and web applications. They work with clients to understand their needs and then create websites and applications that meet those needs. The Web App Pen Testing: Mapping course may be useful for those in this field.
See salaries and explore the career path for Web Developer
Systems Engineer
Systems Engineers are responsible for designing, implementing, and maintaining computer systems. They work with clients to understand their needs and then create systems that meet those needs. The Web App Pen Testing: Mapping course may be useful for those in this field.
See salaries and explore the career path for Systems Engineer
Security Architect
Security Architects are responsible for designing, implementing, and maintaining an organization's security infrastructure. They work to protect the organization's data and systems from unauthorized access, use, disclosure, disruption, modification, or destruction. They will also need to follow and maintain compliance with relevant laws and regulations. The Web App Pen Testing: Mapping course may be useful for those in this field.
See salaries and explore the career path for Security Architect
IT Security Manager
IT Security Managers are responsible for developing and implementing security policies and procedures for an organization. They work with clients to understand their needs and then create policies and procedures that meet those needs. The Web App Pen Testing: Mapping course may be useful for those in this field.
See salaries and explore the career path for IT Security Manager
Software Developer
Software Developers are responsible for designing, developing, and maintaining software applications. They work with clients to understand their needs and then create software applications that meet those needs. The Web App Pen Testing: Mapping course may be useful for those in this field.
See salaries and explore the career path for Software Developer
Cloud Architect
Cloud Architects are responsible for designing, implementing, and maintaining cloud computing solutions. They work with clients to understand their needs and then create solutions that meet those needs. The Web App Pen Testing: Mapping course may be useful for those in this field.
See salaries and explore the career path for Cloud Architect
DevOps Engineer
DevOps Engineers are responsible for bridging the gap between development and operations. They work to ensure that software is developed and deployed quickly and efficiently. The Web App Pen Testing: Mapping course may be useful for those in this field.
See salaries and explore the career path for DevOps Engineer
Network Engineer
Network Engineers are responsible for designing, implementing, and maintaining computer networks. They work with clients to understand their needs and then create networks that meet those needs. The Web App Pen Testing: Mapping course may be useful for those in this field.
See salaries and explore the career path for Network Engineer
Database Administrator
Database Administrators are responsible for managing and maintaining databases. They work with clients to understand their needs and then create databases that meet those needs. The Web App Pen Testing: Mapping course may be useful for those in this field.
See salaries and explore the career path for Database Administrator
Security Analyst
Security Analysts are vital to organizations that wish to prevent, detect, and resolve cyber threats. They have several responsibilities on the job, including working in tandem with security teams to execute security controls within an environment; investigating, assessing, and responding to information security incidents; and monitoring systems for vulnerabilities or threats. They will also need to quickly assess any vulnerabilities and determine how to implement the proper security controls. The Web App Pen Testing: Mapping course may be useful for professionals in this field.
See salaries and explore the career path for Security Analyst

Reading list

We've selected nine books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Web App Pen Testing: Mapping.
Cover image
The Tangled Web
Save
Provides a deep dive into the security of modern web applications. It valuable resource for anyone interested in learning more about web application pen testing.
The Tangled Web
Paperback
Check
The Tangled Web
Kindle Edition
Check
Cover image
Ethical Hacking and Web Hacking Handbook and Study...
Save
Provides a comprehensive overview of web application security and valuable resource for anyone who wants to learn more about web application pentesting.
Ethical Hacking and Web Hacking Handbook and Study...
Paperback
Check
Ethical Hacking and Web Hacking Handbook and Study...
Kindle Edition
Check
Cover image
CISO Survey and Report 2013
Save
This guide provides a comprehensive overview of web application security testing, including techniques for mapping and identifying vulnerabilities. It valuable resource for anyone interested in learning more about web application pen testing.
CISO Survey and Report 2013
Paperback
Check
CISO Survey and Report 2013
Kindle Edition
Check
Cover image
The Hacker Playbook 3
Save
Provides a practical guide to penetration testing. It valuable resource for anyone interested in learning more about web application pen testing.
The Hacker Playbook 3: Practical Guide To...
Paperback
$$
The Hacker Playbook 3: Practical Guide To...
Kindle Edition
$$
Cover image
Attack and Defend Computer Security Set
Save
Provides a number of recipes for common web application security vulnerabilities.
Attack and Defend Computer Security Set
Kindle Edition
$$$
Cover image
The Art of Software Security Assessment
Save
Provides a broad overview of software security testing, including chapters on web application testing. It valuable resource for anyone interested in learning more about the field.
Art of Software Security Assessment, The:...
Kindle Edition
$$$
Cover image
Penetration Testing
Save
Provides a broad overview of penetration testing, including chapters on web application testing. It valuable resource for anyone interested in learning more about the field.
Penetration Testing: A Hands-On Introduction to...
Paperback
$$
Penetration Testing: A Hands-On Introduction to...
Kindle Edition
$$
Cover image
From Pablo to Osama
Save
Provides a guide to web application security for professionals.
From Pablo to Osama
Paperback
Check
From Pablo to Osama
Kindle Edition
Check
Cover image
Computer Security Fundamentals
Save
Provides a guide to web application security for developers.
Computer Security Fundamentals (Pearson It...
Paperback
$$$
Computer Security Fundamentals (2nd Edition)
Paperback
$$$
Computer Security Fundamentals Pearson uCertify...
Kindle Edition
$$$
Computer Security Fundamentals by William (Chuck)...
Paperback
$$$

Share

Help others find this course page by sharing it with your friends and followers:
Facebook
LinkedIn
Reddit
X
Link
Email

Similar courses

Here are nine courses similar to Web App Pen Testing: Mapping.
Web App Pen Testing: Reconnaissance
Most relevant
Performing Threat Modeling with the PASTA Methodology
Web Application Analysis with Kali Linux
Security Event Triage: Revealing Attacker Methodology in...
Applying DevSecOps to AWS Web Apps
Scan Web Applications with Bash
Specialized Testing: XSS
Specialized Testing: CSRF
Specialized Testing: SQL Injection
Course image
Time
109 hours
Level
Intermediate
Via
Pluralsight
Instructor
Tim Tomes
Language
English
Good to know
Suitable for professionals seeking a deeper understanding of web application vulnerability discovery
Provides a solid foundation for beginners seeking to establish a foundation in web application testing
Led by Tim Tomes, an experienced expert in the field
May not be suitable for learners with no prior knowledge in web application testing
Requires manual crawling, which can be time-consuming
Share and help others discover this course.
Facebook LinkedIn X Reddit Link Email
Don't miss out
Enroll today to gain access to this course
Enroll in this course
Our mission

OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.

Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.

Find this site helpful? Tell a friend about us.

Affiliate disclosure

We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.

Your purchases help us maintain our catalog and keep our servers humming without ads.

Thank you for supporting OpenCourser.

© 2016 - 2024 OpenCourser