OW06 - Web App Penetration Testing with OWASP
The number of attacks against web applications has increased significantly in recent years.
The level of exposure of web applications makes them a natural target for hackers, for that reason is necessary to perform more accurate tests to be able to detect vulnerabilities before hackers do.
In this training, you will learn how to improve your penetration testing skills using the OWASP framework.
Course level: (intermediate, advanced)
- Good knowledge in Web Apps developing.
- Good Knowledge in Penetration Testing.
Module 01: Introduction to OWASP Web Penetration Testing
1.1 - Fundamentals of Web Technologies
1.2 - Threat Modeling Risk Management
1.3 - OWASP Top 10
1.4 - Introduction to Security Testing
Module 02: Web Application Security Testing I
2.1 - Information Gathering
2.2 - Configuration and Deployment Management Testing
2.3 - Authentication Testing
2.4 - Identity Management Testing
Module 03: Web Application Security Testing II
3.1 - Authorization Testing
3.2 - Session Management Testing
3.3 - Input Validation Testing
3.4 - Testing for Error Handling
Module 04: Web Application Security Testing III
4.1 - Testing for weak Cryptography
4.2 - Business Logic Testing
4.3 - Client Side Testing
4.4 - Reporting
Capture the Flag
- Techniques and Tactics
- CTF Final Competition