Overview of the web from a penetration tester’s perspective
Exploring the various servers and clients
Discussion of the various web architectures
Discovering how session state works
Discussion of the different types of vulnerabilities
WHOIS and DNS reconnaissance
The HTTP protocol
WebSocket
Secure Sockets Layer (SSL) configurations and weaknesses
Heartbleed exploitation
Utilizing the Burp Suite in web app penetration testing