
Security Test

Overview

With the increasing complexity of web applications, it is getting harder to manage them from a security angle. Loopholes in such web applications have cost millions of dollars through online fraud and scams. This course will help software testers understand and implement measures to address security issues in their web applications.

It is suggested that candidates for the Security Test course have practical work experience in the Software Testing field.

Outline

Day 1:
  • Intro to security testing
  • What’s going on in the network behind the scenes?
  • Basic terminology
  • Differences between web, mobile and infrastructure pentesting
  • Exercises & Workshops
Day 2:
  • Deep Dive into Burp Suite
  • OWASP Top 10 (most common attacks)
  • A1 Injection
  • A2 Broken Authentication and Session Management
  • Exercises & Workshops
Module 3:
  • A3 Cross-Site Scripting (XSS)
  • A4 Insecure Direct Object References
  • A5 Security Misconfiguration
  • A6 Sensitive Data Exposure
  • A7 Missing Function Level Access Control
  • Exercises & Workshops
Module 4:
  • A8 Cross-Site Request Forgery (CSRF)
  • A9 Using Components with Known Vulnerabilities
  • A10 Unvalidated Redirects and Forwards
  • Intro to automated pentesting tools
  • Exercises & Workshops

Learning Objectives

  • Design, Build and Test Applications for Security
  • Ability to Implement Tools and Techniques for Penetration Testing
  • Risk Management of Applications Under Test
  • Diagnosing the Problem, Recognizing its Impact and Finding Solutions
  • Ability to Catch/Report Security Vulnerabilities During the Traditional Testing Process