DeepSecurity's “Web App Penetration Testing” training allows students to evaluate the security posture of a web application and demonstrate the real impact if discovered vulnerabilities are exploited. Based on hands-on labs to exploit web applications and find flaws in your company's applications.

Attendees will learn about attacker tools and methods, through practical scenarios set up in laboratories deployed with the most popular MITER and OWASP TOP 10 vulnerabilities.

Course Topics

Interception proxies

OWASP® Zed Attack Proxy (ZAP)

Burp Suite - Application Security Testing

Common vulnerabilities

SSL/TLS Misconfigurations Username Harvesting Command Injection SQL Injection Cross-Site Command Execution (XSS) Server-Side Request Forgery (SSRF) XML External Entities (XXE) Local and Remote File Inclusion (LFI/RFI) Request Forgery Cross-site (CSRF)Open source intelligence (OSINT)Automated exploitation