The web application security testing course is recommended for audience with a background in TCP/IP networking.
A web application security test engineer is to test the vulnerability of the application to different types of attacks targeted on a web based application. The engineer is required to have a strong knowledge on TCP/IP and web communication.
1. TCP/IP and web communication fundamentals
Analysis of TCP/IP communication in a web communication. Web communication infrastructure and how TCP/IP works in a web environment. Use of HTTP protocol analyzers for detailed analysis of HTTP headers.
2. Web application attacks and vulnerabilities.
Detailed analysis of different types of web applications attacks and vulnerabilities and their anatomy and functionality.
3. Web application security testing tools.
Analysis of different tools which are used to test web application vulnerabilities and methodology to setup a lab infrastructure
4. Custom packet crafting
How to use Python and Scapy to write your own exploit.
Online and Classroom