New Training: Web Application Pentesting

In this 7-video skill, CBT Nuggets trainer Bob Salmans explores the tools and processes for pentesting web applications. You’ll discuss the OWASP top 10 list and walk through multiple web application exploits. Watch this new CompTIA training.

Watch the full course: CompTIA PenTest+

This training includes:

• 7 videos

• 54 minutes of training

You’ll learn these topics in this skill:

• Web Application Pentesting

• OWASP ZAP

• Attack Scans Using OWASP ZAP

• Brute Force Attack Using OWASP ZAP

• SQL Injection Using SQLmap

• Local and Remote File Inclusion Attacks

• Cross Site Scripting (XSS) Attacks

Why Do So Many Cybersecurity Professionals Care About OWASP?

The Open Web Application Security Project, or OWASP, is one of the internet’s leaders in software security. The OWASP offers recommendations, training, analysis and insight into software security vulnerabilities and risks by performing community-led, open-source projects to explore the most effective network and system vulnerabilities and their countermeasures.

The OWASP publishes all sorts of materials to support network security, like their top 10 proactive control categories that developers should incorporate into projects. OWASP also helps define how the cybersecurity community defines security threats. Their “Top 10 Web Application Security Risks” helps to keep network and system security technicians several steps ahead of hostile actors.

OWASP is such a valuable cybersecurity partner — and the reason their top web application risks lists are so valuable — is because they effectively steal malicious actors’ playbook and put it into your hands. Cybersecurity professionals plan better security strategies when they know the most common and effective ways that hostile actors infiltrate networks and systems.