Scott Cosentino

Burp Suite contains an array of tools for penetration testing and finding vulnerabilities, and is mainly used on web applications. This course will show you how to use the suite of tools to detect vulnerabilities that cause web applications to be compromised. This is a hands-on course that gets you using the tools on examples right away. Learn by doing!

The course starts with a demonstration of how to set up a project in Burp Suite and work with the various modules it includes. Then it shows you how to use it to identify information-disclosure vulnerabilities and expose sites leaking sensitive information. We cover insecure decentralization vulnerability and how to expose it; testing web sockets for vulnerabilities; and how to simulate the directory traversal attack and read files that are running. And we cap it off with a look at other types of attacks, including the external entity injection (XXE), cross-site scripting (XSS), and SQL injections.

When you finish this course, you will have all the skills you need to test web applications for vulnerabilities!

Distributed by Manning Publications

This course was created independently by Scott Cosentino and is distributed by Manning through our exclusive liveVideo platform.

Learn the essential tools and techniques for hunting and exploiting vulnerabilities in web and Android applications. Equip yourself with the knowledge and skills to find and responsibly disclose vulnerabilities to companies, gaining rewards through existing bug bounty programs. Master the best practices of ethical hacking to detect bugs and improve security.

This comprehensive, seven-hour course covers three key areas:

Fundamentals of OWASP Top 10 Vulnerabilities

We start the course with a look at the most common vulnerabilities currently present in web applications. The OWASP Top Ten, from the Open Web Application Security Project, helps bug bounty hunters to know what to look for in penetration tests. We break down these vulnerabilities and demonstrate what to look for in order to detect them.

Kali Linux and Web Application Hacking

Web applications are currently some of the most common targets for bug bounties, so we’ll see how to create meaningful attacks against them. We’ll use Kali Linux tools, which are popular with both attackers and the defenders trying to secure web apps against those attacks. We’ll work with Nmap, SQLmap, Commix, Wfuzz, Metasploit, and many other tools to gather information about targets and launch attacks to expose their vulnerabilities.

Foundations of Hacking and Penetration Testing Android Apps

Most companies now have apps that are included in bug bounty programs. Learning how to scan and exploit these apps can often be a lucrative way to gain bounties. Given the new focus on application development, apps make a great target for bug bounties.

Distributed by Manning Publications

This course was created independently by Scott Cosentino and is distributed by Manning through our exclusive liveVideo platform.

Akka is a toolkit that simplifies the process of building concurrent, distributed, and fault-tolerant applications and systems without compromising performance. Written in Scala, Akka uses a module system for implementation and an approach to concurrency based on the actor model.

This easy-to-follow course provides a great introduction to the basics of Akka and distributed computing. You will learn these fundamentals by working with hands-on examples so you can put the concepts into action and see how they work. By the end of this course, you will have experience working with: actors, futures, routing, scheduling, and more.

If you are an Akka newbie looking to get a great foundation in Akka and distributed computing, you've come to the right place!

Distributed by Manning Publications

This course was created independently by Scott Cosentino and is distributed by Manning through our exclusive liveVideo platform.

Learn ethical hacking through Kali Linux, one of the leading computer security operating systems, so you can find and fix your system’s vulnerabilities. This course shows you how to gather information, detect vulnerabilities, and exploit them using Kali Linux. In just over three hours, you will have all the tools you need to test your own servers and applications for vulnerabilities.

Computer security is one of the fastest-growing fields in technology, and ethical hacking is an important skill for security professionals. With a new attack every 39 seconds, it is essential for security experts to have skills with the most powerful tools for the job. The tools in Kali Linux are commonly used by attackers. These same tools are also used by defenders to help secure their systems. Learning Kali Linux will allow you to secure your system before the attackers get to it.

Learn how to exploit common vulnerabilities in Linux and Windows, as well as how to find common vulnerabilities in web apps such as command injections and SQL injections.

Distributed by Manning Publications

This course was created independently by Scott Cosentino and is distributed by Manning through our exclusive liveVideo platform.

This course walks you through the process of using penetration-testing applications to find vulnerabilities and earn bug bounties. To put your new skills into practice, you will analyze a vulnerable Android app and use a range of approaches to discover its vulnerabilities. Some of the tools you’ll learn to use in this course:

• Drozer
• Dex2Jar
• Jadx
• ApkTool
• Adb
• Burp Suite

Learn all about dynamic and static analysis to become an expert at finding Android exploits.

Distributed by Manning Publications

This course was created independently by Scott Cosentino and is distributed by Manning through our exclusive liveVideo platform.