Web Mobile Application VAPT
=============================
Introduction
Hacking Web Application/Websites
Hacking Mobile Applications
Scanning (Active and Passive scanning)
Detailed part for this Course:
Introduction
Lab Setup (creating your own hacking lab)
Need VMPlayer (free)
Kali Linux (Basics of Linux included, an introduction to Kali Linux with installation)
OWASP Broken Web Apps 1.0 Released (Web application environment)
Web for Pentester (Web application environment)
Hacking Web Applications/Websites
OWASP Top 10 2017
Top 10-2017 A1-Injection
Top 10-2017 A2-Broken Authentication
Top 10-2017 A3-Sensitive Data Exposure
Top 10-2017 A4-XML External Entities (XXE)
Top 10-2017 A5-Broken Access Control
Top 10-2017 A6-Security Misconfiguration
Top 10-2017 A7-Cross-Site Scripting (XSS)
Top 10-2017 A8-Insecure Deserialization
Top 10-2017 A9-Using Components with Known Vulnerabilities
Top 10-2017 A10-Insufficient Logging & Monitoring
Manually finding vulnerabilities
Finding Vulnerabilities with Tools
Web application/Website Scanning
Website scanning with tools like Burp Suite | IBM AppScan | Qualys | OWASP ZAP | Nikto | WPScan, etc.
Countermeasures
Hacking Mobile Applications
OWASP Top 10 Mobile
M1: Improper Platform Usage
M2: Insecure Data Storage
M3: Insecure Communication
M4: Insecure Authentication
M5: Insufficient Cryptography
M6: Insecure Authorization
M7: Client Code Quality
M8: Code Tampering
M9: Reverse Engineering
M10: Extraneous Functionality
Manually finding vulnerabilities
Finding Vulnerabilities with Tools
Mobile App Scanning
Tools: Andro scanning | OWASP ZAP
Countermeasures
Books included in this Course (All Free)
1) Web application hacking books (PDF)
2) All about the Burp Suite proxy tool (PDF)
3) Kali Linux cookbook