First, it is important to understand how web applications work and how various components interact with each other. This section will cover various web application concepts and protocol basics.
What will you learn?
Interacting with web applications
Interacting with database services
Model View Controller Architecture
References:
Web Application (https://en.wikipedia.org/wiki/Web_application)
Web Application Pentesting (https://www.pentesteracademy.com/course?id=5)
Labs:
Objective: Use Burp Suite and Curl to enumerate the HTTP method allowed by the web page/directory.
Objective: Using OmniDB and PHPMyAdmin interact with the database.
Objective: Use Mongo shell to interact with the database server, execute NoSQL queries and retrieve data from the MongoDB server.
Objective: View/Modify the guestbook application code and explore the application.