Security Testing Essentials

This is highly practical and hands-on training for Security Testing Essentials that covers the OWASP top 10 vulnerabilities to attack and secure.

Combining the most advanced techniques used by offensive hackers to exploit and secure.

Course at a glance

  • Starting with various terminologies of web technologies such as, HTTP cookies, CORS, Same-origin-policy, etc and ends with multiple resources.
  • Once you get sufficient insights into web technologies, the second module covers the Mapping of applications for insecurities, with various tools and tricks with heavy usage of the most advanced intercepting proxy “Burp Suite”.
  • Mostly focused on serious vulnerabilities such as SQL Injection, Cross-site scripting, Cross-site request forgery, XML External Entity (XXE) attacks, Remote command Execution, Identifying load balancers, Metasploit for web applications, Advanced phishing attacks through XSS, and more.

Training Methodology

Every lesson starts with Finding and hunting for vulnerability by taking the points of how developers make and secure the web application at the time of development, once we have a clear path of working of the development phase to security, then we hunt for application business logic to attack. This is where most penetration testers failed in their own game.

“If I need to chop down a tree in six hours, I will use four hours to sharpen my axe and rest 2 hours to cut the tree”

The same strategy has been covered in this course. we start with getting around web applications by making analyses of applications and watching the same’s working behavior.

This course has been adapted from our work experience at gray hat security.

Course materials

  • Offline access to read PDF slides
  • 8+ Hours of Videos lessons
  • Self-paced HTML/Flash
  • 400+ PDF Slides