Javascript for Pentesters will take you beyond alert(‘XSS’) and equip you to demonstrate advanced attacks such as Hijacking Forms, Logging Keystrokes, DOM manipulation etc. This course is Beginner friendly.
– Vivek Ramachandran
Founder, SecurityTube.net and Pentester Academy
Question?Promotional Pricing – Enroll Now!
1. What is the Javascript for Pentesters (JFP) course about?
As a Pentester, have you ever wanted your proof of concept to go beyond Alert(‘XSS’)? What if you could show demos of hijacking form submissions, modifying entire page layouts, exfiltrate data from the vulnerable application? This course is designed to teach you EXACTLY that!
Javascript for Pentesters (JFP) focuses on teaching the basics of Javscript and then moves on to its application in infosec such as Session and Form Hijacking, Keystroke Monitoring, Data Exfiltration, XSS (DOM, Stored, Reflected), Filter evasion etc.The course contains over 25+ Challenges of varying difficulty
This course starts from the very basics of programming in Javascript and does not expect students to have prior experience with the language. The learning path is beginner friendly.
2. Course Syllabus
A non-exhaustive list of topics to be covered include:
- Module 1: Language Basics
- Introduction and Hello World in JS
- Variables in JS
- Operators
- Conditional Statements
- Loops
- Functions
- Data Types
- Enumerating Object Properties
- HTML DOM
- Event Handlers
- Cookies
- Exception Handling
- Forms Manipulation
- Module 2: Application in Infosec
- Cross Domain Policies and Restrictions
- XMLHttpRequest Use and Restrictions
- Cross Site Scripting (XSS)
- DOM XSS
- Reflected XSS
- Stored XSS
- XSS Filters
- Filter Evasion Techniques
- Stealing Cookies
- Social Engineering and Phishing
- Modify HTML
- Add, Remove HTML elements
- Hijacking Form Submits
- Hijacking Mouse Clicks
- Hijacking Links
- Keystroke Logging
- Stealing from Auto-Complete
- Data Fetching, Posting and Exfiltrating with XMLHttpRequest
Promotional Pricing – Enroll Now!
3. Can I see some sample videos from the course?
The course is fully hands-on and you will be spending almost 90% of the time doing exercises with the instructor. The course starts from the very basics and slowly takes you to more complicated topics, making it ideal for self-paced learning. Below are a couple of sample videos from the course:
1. Introduction and Hello World in JS
The course contains over 25+ challenges where the student will be doing exercises.
Promotional Pricing – Enroll Now!
4. What do I get as a registered student?
A registered student will get the following:
- HD Download of Course Theory Videos
- HD Download of Course Exercise Videos
- PDF Slides of the full course
- Access to Online Exercises
- Certification Exam
- PDF copy of certificate if you pass the exam
Please note that there is no student forum associated with this low-priced course.
Promotional Pricing – Enroll Now!
5. What is the course duration? when does it start / stop ?
Javascript for Pentesters course is completely self-paced, self-study course. There is no duration of the course or expiry period.
6. I am a student of Pentester Academy. Will this course be posted there?
We are already posting the videos of this course on Pentester Academy as they are being created. However, please note that Pentester Academy does not include the Exam and Certification. It is a course material only access.
7. Student Testimonials from our other courses
SecurityTube Certifications are currently taken by students from over 73+ countries around the world! Here is what our students have to say about us:
I found the SecurityTube Linux Assembly Expert course to be unique as it challenges the trainee to research and write implementations himself rather than just learning a book. This is also reflected by the exam which requires the user to go hands and which, in my opinion, tests the skills of the user a lot better than a multiple choice exam can. I also liked the fact there weren’t any time constraints on when to take the exam, which made it infinitely easier to plan in with regards to my job. The fact you also get a complete GDB course as an extra is a real bonus (Vivek wants to make sure you really know how to use your basic tools). The best part of the SLAE was the price, there are little other trainings of the same quality with the same price.
– Lucas Kauffman
IT Security Advisor
Ernst & Young
SecurityTube and Vivek Ramachandran are making a significant contribution and impact in the field of Information Security Education. My experience completing SecurityTube Wireless Security Expert has been fun and highly satisfying. The SWSE Course content is of high-quality, hands-on & crystal-clear to understand. Vivek has the unique gift of transferring his knowledge seemingly casually yet very effectively. The technique of breaking topics into delicious small-chunks make them easy to absorb irrespective of the complexity of the subject.
After passing the SWSE, I am having fun doing SecurityTube Python Scripting Expert course!
– Sarveshwar Rao
CISSP,CISA,C|EH,SWSE
Sr. Security Product Manager
Alcatel-Lucent
Though I’ve been working with Python for automating security related tasks for almost two years now, this course enhanced my understanding of the language to new depths. I’ve already recommended the SecurityTube Python Scripting Expert to all my friends, as trainer gives very clear and interesting explanations during lectures and in attached PDF materials. But still, if you want to know the subject better, you constantly need to do a lot of research yourself. And this course does really help in that! 🙂
– Andriy Brukhovetskyy
CyberSecurity Professional at S21sec
Spain
8. Why Choose SecurityTube Certifications?
Our Certifications are taken by students from over 73+ countries and are Globally recognized. The Flags in the image to the left are countries from where our students belong. In addition, SecurityTube Certifications provide:
- High Quality Content at an Affordable Cost
- The most Comprehensive Course Coverage in the Industry
- Uses Open Content for Course Evaluation
- Concept Oriented, Practical Content rather than only Theory
Promotional Pricing – Enroll Now!
9. Course Instructor
Vivek Ramachandran is the Founder and Chief Trainer at SecurityTube.net. He discovered the Caffe Latte attack, broke WEP Cloaking, a WEP protection schema in 2007 publicly at Defcon and conceptualized enterprise Wi-Fi Backdoors. He is also the author of the book “Backtrack 5 Wireless Penetration Testing“.
Vivek currently runs the SecurityTube Wi-Fi Security Expert (SWSE), the SecurityTube Metasploit Framework Expert (SMFE), SecurityTube Python Scripting Expert (SPSE) and the SecurityTube iOS Security Expert (SISE) online course and certifications which is currently being taken by students from over 73+ countries around the world. He also conducts in-person trainings in the US, Europe and Asia.
In a past life, he was one of the programmers of the 802.1x protocol and Port Security in Cisco’s 6500 Catalyst series of switches. He was also one of the winners of the Microsoft Security Shootout contest held in India among a reported 65,000 participants. He has also published multiple research papers in the field of DDoS, ARP Spoofing Detection and Anomaly based Intrusion Detection Systems.
Vivek’s work on wireless security has been quoted in BBC online, InfoWorld, MacWorld, The Register, IT World Canada etc. places. He has spoken/trained at top conferences around the world including Blackhat USA and Abu Dhabi, Defcon, Hacktivity, Brucon, ClubHack, SecurityByte, SecurityZone, Nullcon, C0C0n etc.
10. Course Enrollment and Payment
Please submit the Paypal powered form below to make a payment to “Binary Security Innovative Solutions Pvt. Ltd.“, the parent company of SecurityTube to enroll for the course. You will receive a confirmation email from our team within 1 Working Day of your payment.
If you cannot use Paypal, please drop us an email at feedback [] binarysecuritysolutions.com for alternate options for payment.
11. Contact Us
We have compiled a FAQ below:
Click to Expand FAQ…
Please use the form below if you have any additional questions not answered by this page and we will get back to your ASAP: