Web App Penetration Testing Course

A step towards becoming a security ninja

Web applications are everywhere and plentiful. In fact, the Web is the de facto delivery mechanism for both consumer-grade and business-critical functionality these days. As such, the Web is also the most common vector for application-level attacks.

To stave off these attacks, companies must build security into their applications during development. Security-related activities that occur early in the SDLC such as architecture risk analysis and secure code review can help prevent many vulnerabilities, but coding errors are inevitable. Web Application Penetration Testing lets organizations find these errors, correct them, and verify that applications meet their required security criteria.

Web application penetration testing requires intricate knowledge of what to test for and how to test it. Without the appropriate breadth and depth, your testing efforts will fail to identify the most important vulnerabilities. Practitioners should possess the following skills:

  • Comprehension of Web technologies and testing tools
  • Practical knowledge of rigorous and systematic software testing methodologies
  • Ability to think like an attacker
  • Ability to determine risk and communicate findings
This course:
  • Provides the basic knowledge and experience needed to start performing Web Application Penetration testing
  • Teaches you how to uncover the most important types of Web application vulnerabilities

OBJECTIVES

At the end of this course, you will be able to:
  • Comprehend the basics of the HTTP protocol and other Web-related technologies and standards
  • Use tools for intercepting and modifying HTTP traffic
  • Develop test strategies and execute tests to uncover the most important types of Web application vulnerabilities
  • Communicate findings to developers and management to ensure that relevant findings are properly addressed

INTENDED AUDIENCE

This course is intended for software professionals or students working with Web applications who wants to perform security testing or penetration testing. They include QA testers, IT security professionals, web developers and Security Enthusiast.

PREREQUISITES

Students must be familiar with Web applications and related technologies, including JavaScript and HTML. Students must also be familiar with common Web vulnerabilities such as those included in the OWASP Top Ten taxonomy.