DESCRIPTION
This course covers the OWASP Top 10. The OWASP (Open Web Application Security Project) Foundation was formed in the early 2000s to support the OWASP project. The main goal of this course is to teach students real-world web hacking and exploitation. In this course, we will cover the following from the OWASP Top Ten list:
A1: Injection
A2: Broken Authentication
A3: Sensitive Data Exposure
A4: XML External Entities (XXE)
A5: Broken Access Control
A6: Security Misconfiguration
A7: Cross-Site Scripting (XSS)
A8: Insecure Deserialization
A9: Using Components with Known Vulnerabilities
A10: Insufficient Logging & Monitoring
WHO SHOULD ATTEND
Web Developers, Pentesters, IT Security personnel and IT admins, Software Architects, Development Managers and Technical QA Managers.
Prerequisites
There are no official prerequisites, but we recommend that candidates have a good understanding of information security principles. Knowledge of programming in PHP, ASP.NET, C#, Python or any other programming language also helps in understanding the concepts.
A DEMO VIDEO OF OUR COURSE: Web Service Hacking Via SQL Injection
The courses at a glance
In-depth Web application analysis, information gathering, and enumeration
Start from web application attacks and progress to real-world exploitation
Based on techniques professional pen-testers use
Covers everything a modern Pentester needs to know
Wide coverage of the OWASP Top 10
Master Burp Suite
Web Service Pentesting
Makes you a proficient professional web application pentester
Materials
- Internet
- Windows Operating System
- Java Runtime Environment v8
- The Uniform Server (Uniform Server is a free lightweight WAMP server solution for Windows)
- OWASP Mutillidae II (famous vulnerable web application)
- Python 3
- Burp Suite
- Netsparker (will be provided)
- sqlmap
- Notepad++