webpen.tar.gz

shodan_api

Wireshark

chrome

Burp

frog

proxychains

encoder

setoolkitChrome

chromeShark

juiceshop

BurpChrome

This course is intended for people interested in information security—particularly in the penetration testing of various websites—to identify the security flaws present in the majority of newly developed websites and how to fix them. 

You will learn web penetration testing techniques using the Kali Linux operating system. You will be introduced to Python programming, web server technology, network management, open source intelligence, cross-site scripting, SQL injection, authentication and authorization in systems, cross-site request forgery, social engineering attacks, and concepts in information security management. 

Your knowledge of the various web application vulnerabilities and attack methods will be enhanced after taking this course. You will get hands-on experience with many tools used in online penetration testing in cyber security.

Web Application Penetration Testing

## Introduction to Shodan

[Shodan](https://www.shodan.io/) is a web application search engine that indexes nearly every device directly connected to the internet. Therefore, it's a no-brainer that it's used also as an OSINT tool in the penetration of web application frameworks. Shodan works like other search engines, such as Google, that help in indexing information that's searched by different users across the internet. However, Shodan scans for every available port on the internet instead of just scanning for websites. This means it looks for every available IP address trying to identify whether it's open and available. It can be used to check for open webcams, vulnerable websites, insecure satellites, and much more.

> **Note:** For extensive use of Shodan, both in the pentesting field and in practice, it's always good to use a VPN and exercise caution. There are numerous honeypots waiting to trap beginners.

# Introduction to Shodan

[Shodan](https://www.shodan.io/) is a web application search engine that indexes nearly every device directly connected to the internet. Therefore, it's a no-brainer that it's used also as an OSINT tool in the penetration of web application frameworks. Shodan works like other search engines, such as Google, that help in indexing information that's searched by different users across the internet. However, Shodan scans for every available port on the internet instead of just scanning for websites. This means it looks for every available IP address trying to identify whether it's open and available. It can be used to check for open webcams, vulnerable websites, insecure satellites, and much more.

> **Note:** For extensive use of Shodan, both in the pentesting field and in practice, it's always good to use a VPN and exercise caution. There are numerous honeypots waiting to trap beginners.

Learn how powerful and versatile a tool Shodan can be for the OSINT process.

Introduction to the Course

Introduction to Linux

Introduction to Python

Web and Server Technology

Network Management and Analysis

Open-Source Intelligence

Cross-Site Scripting

SQL Injection

Authentication and Authorization

Cross-Site Request Forgery

Social Engineering Attacks

Broader Security Concepts

Wrapping Up

Shodan

Introduction to Shodan