book/courses that teaches me about vulnerabilities and also teaches how to get rid of them in web/mobile application?

Apr 16, 2023
Reaction score
vulnerabilities like

  • blind sql injection
  • untrusted search path vulnerability
  • Distributed Computing Environment / Remote Procedure Calls (DCE/RPC) or MSRPC
services running on the remote host can be enumerated by connecting on port xyz and doing the appropriate queries.
  • web-inf information disclousre vulnerability
  • directory traversal vulnerability
  • Cleartext Transmission of Sensitive Information via HTTP
etc etc basically textbook penetrating testing remedy books/courses etc. I want remedy, for that I do need to understand vulnerability. I don't need to learn how attack to find vulnerability. That's not my job. I just need to provide remedy on linux servers.

All you have to do is run a vulnerability scanner on your servers.
I am talking about learning how to remedy it not how to pentest it.
To me, this is a chicken-and-egg situation, to remedy any possible intrusions/holes in your system you will need to test it yourself [or pay to have it tested] to assess what you need to do, the link at the bottom will give you a guide to what standard scanners are available to Linux users, but If you want to progress as a systems engineer/manager I strongly suggest [if you have time ] learn pentesting. There are several pen-testing distributions you could install on a spare machine [or in a VM] for education purposes,
the easiest to install is Parrot [either the Security edition or the home edition, as the tool are available in both distributions]


Members online