Web Application Penetration Testing: Steps, Methods, & Tools | PurpleSec

Web application penetration testing comprises four main steps:

1. Information gathering.
2. Research and exploitation.
3. Reporting and recommendations.
4. Remediation with ongoing support.

These tests are performed primarily to maintain secure software code development throughout its lifecycle. Coding mistakes, specific requirements, or lack of knowledge of cyber attack vectors are the main reasons for performing this type of penetration test.

In this video, you’ll learn the steps for performing security testing on a web application and the popular tools used during a web application penetration test, with real-life examples.

Continue reading... https://purplesec.us/web-application-...

Sample Web Application Report
---------------------------------------------------
https://purplesec.us/wp-content/uploa...

Video Chapters
------------------------------
00:00 - Introduction
00:59 - What Is Web Application Penetration Testing?
01:44 - Why Web Application Pen Tests Are Performed
04:14 - Steps For Performing A Web Application Pen Test
04:50 - Step 1: Information Gathering
09:31 - Step 2: Research And Exploitation
11:12 - Web Application Framework (W3af)
12:45 - Burp Suite
14:53 - SQLMap
19:11 - Step 3: Reporting And Recommendations
20:01 - Step 4: Remediation And Ongoing Support
21:01 - Conclusion

About The Author
------------------------------
Strahinja Stankovic, ECSA
https://purplesec.us/cyber-security-e...

Related Videos
------------------------
► What Is Vulnerability Management?
► Common Types Of Network Security Vulnerabilities
► 7 Data Loss Prevention Best Practices
► The 3 Types Of Security Controls
► Red Team VS Blue Team: What’s The Difference?
► What Is A Security Operations Center?
► What Are The Types Of Penetration Testing?

Resources & Links:
------------------------------
What Is Penetration Testing?

What Are The Different Types Of Penetration Tests?
https://purplesec.us/types-penetratio...
------------------------------

What Is Web Application Penetration Testing?

Web application penetration testing involves a methodical series of steps aimed at:

- Gathering information about the target system.
- Finding vulnerabilities or faults in it.
- Researching exploits that will succeed against those faults or vulnerabilities.
- Compromising the web application.

The Open Web Application Security Project (OWASP) is a community that focuses its efforts solely on discovering and reporting on web application security vulnerabilities.

Their reputable list of top 10 security flaws is updated every year to reflect the global trends in the security of web applications.

OWASP also publishes articles and security tools that are widely used in practice.

#application #pentesting #penetrationtesting
