Security Testing Basics (Getting started for Beginners)
All the basics that are required for Beginners to get started with Security Testing are covered in this course
Description
In this course, I have covered all the Security Testing that are required for Beginners to get started with.
If you are a beginner or fresher or new to Security Testing, and want to figure out whether this Security Testing field is for you or not, then this course is for you. This is an overview course, where by the end of this course, you can find out whether Security Testing is for you or not, its opportunities, basic knowledge and guidance required for moving into Security Testing field from Software Testing field.
The below are the different basic topics that are covered in this course:
What is Security Testing?
Importance of Security Testing with Examples
Future (Jobs, Skill Shortage, Demand, unemployment rate, Pay scale and Career Advice)
Security Testing versus Vulnerability Assessment versus Penetration Testing
Security Testing Versus Hacking
Don't end up in Jail
Manual Security Testing Versus Security Testing Tools
CIA Triad - Basic High Level Objectives of Security Testing
Security Testing - Vulnerability versus Threat versus Risk
Security Testing (Basics) - HTTP Methods
Security Testing (Basics) - HTTP Status Codes
Security Testing (Basics) - Cookie
Security Testing (Basics) - Cookie versus Session ID versus Session
Security Testing (Basics) - Cryptography and different Techniques
Security Testing (Basics) - Symmetric Key Encryption
Security Testing (Basics) - Asymmetric Key Encryption
Security Testing (Basics) - Symmetric & Asymmetric Key Sizes
Security Testing (Basics) - Finding Asymmetric Key Encryption used by different websites
Security Testing (Basics) - Encoding and Decoding
Security Testing (Basics) - Hashing
Security Testing (Basics) - HTTP is Stateless
Security Testing (Basics) - HTTPS
Security Testing (Basics) - Input Validation and Output Encoding
Security Testing (Basics) - Client Side Validation versus Server Side Validation
Security Testing (Basics) - Blacklisting versus Whitelisting (Input Validation)
Security Testing Basics - SSL versus TLS
Security Testing Basics - HTTP versus HTTPS
Security Testing Basics - Authentication vesus Authorization
Security Testing Terminology - Payloads and Malicious Input
Security Testing Terminology - DAST
Security Testing - Demo Application for Practice
Security Tesitng Process (Testing Phase of SDLC)
OWASP
OWASP Top 10 Vulnerabilities
Injection vulnerability and different types
SQL Basics for SQL Injection
Attack Surface and Attack Vector
SQL Injection (SQLi)
Anatomy of SQL Injection Payload
Security Testing - Second Demo Application for Practice
SQL Injection Payload - Vulnerability Assessment
SQL Injection Attack Surface
Installing BurpSuite
Using BurpSuite as Proxy Tool for Intercepting Requests
Configuring BurpSuite as Proxy with Firefox browser
Configuring BurpSuite as Proxy for Chrome browser
Configuring BurpSuite as Proxy for Internet Explorer browser
Installing WebGoat
Bypassing Client Side Validation using BurpSuite
Increasing Attack Surface using BurpSuite
What You Will Learn!
- Security Testing Getting Started
- Security Testing for Beginners
- Security Testing Basics
- Security Testing from Scratch
Who Should Attend!
- Beginners who want to get started with Security Testing and learn its basics
- For the one's who want to get into or move to Security Testing field, from regular Software Testing field.