WAHS: Web Application Hacking and Security
Short Description
Full Description
EC-Council’s Web Application Hacking and Security (W|AHS) is a specialization certification that enables the cybersecurity workforce to learn, hack, test, and secure web applications from existing and emerging security threats in the industry verticals.
-
Module 01: Advanced Web Application Penetration Testing
-
Module 02: Advanced SQL Injection (SQLi)
-
Module 03: Reflected, Stored, and DOM-Based XSS
-
Module 04: Cross-Site Request Forgery (CSRF)
-
Module 05: Server-Side Request Forgery (SSRF)
-
Module 06: Security Misconfigurations
-
Module 07: Directory Browsing/Bruteforcing
-
Module 08: CMS Vulnerability Scanning
-
Module 09: Network Scanning
-
Module 10: Auth Bypass
-
Module 11: Web App Enumeration
-
Module 12: Dictionary Attack
-
Module 13: Insecure Direct Object Reference Prevention (IDOR)
-
Module 14: Broken Access Control
-
Module 15: Local File Inclusion (LFI)
-
Module 16: Remote File Inclusion (RFI)
-
Module 17: Arbitrary File Download & Upload
-
Module 18: Command Injection
-
Module 19: Remote Code Execution
-
Module 20: File Tampering
-
Module 21: Privilege Escalation
-
Module 22: Log Poisoning
-
Module 23: Weak SSL Ciphers
-
Module 24: Cookie Modification
-
Module 25: Source Code Analysis
