Web Application Penetration Testing: Configuration and Deployment Management Testing
Offered By: Pluralsight
Course Description
Overview
This course will teach you how to perform systematic penetration testing of configuration and deployment management using OWASP principles.
Learn how to test the deployed configuration that your applications are released on. In this course, Web Application Penetration Testing: Configuration and Deployment Management Testing, you'll learn how to perform systematic configuration and deployment management testing to ensure that misconfigurations, or mistakes made during application deployment, do not provide opportunities for attackers to compromise infrastructures or applications. First, you'll discover how to validate network and infrastructure configuration. Next, you'll explore testing the platform that applications are deployed upon. Then, you'll learn how to ensure that backup configurations and administrative interfaces do not open you up to attacks. Finally, you'll go through testing cross-domain policies for rich internet applications. By the end of this course, you'll have an understanding of how OWASP testing principles can be leveraged to systematically test configuration and deployment management.
Learn how to test the deployed configuration that your applications are released on. In this course, Web Application Penetration Testing: Configuration and Deployment Management Testing, you'll learn how to perform systematic configuration and deployment management testing to ensure that misconfigurations, or mistakes made during application deployment, do not provide opportunities for attackers to compromise infrastructures or applications. First, you'll discover how to validate network and infrastructure configuration. Next, you'll explore testing the platform that applications are deployed upon. Then, you'll learn how to ensure that backup configurations and administrative interfaces do not open you up to attacks. Finally, you'll go through testing cross-domain policies for rich internet applications. By the end of this course, you'll have an understanding of how OWASP testing principles can be leveraged to systematically test configuration and deployment management.
Syllabus
- Course Overview 1min
- Introduction 4mins
- Testing Network and Infrastructure Configuration 14mins
- Testing Application Platform Configuration 18mins
- Testing File Handling 22mins
- Looking for Sensitive Information 24mins
- Enumerating and Attacking Administrative Interfaces 14mins
- Testing HTTP Methods 5mins
- Testing Cross-domain Policy for Rich Internet Applications (RIA) 12mins
- Validating HTTP Strict Transport Security Headers (HSTS) 7mins
- Course Wrap Up 4mins
Taught by
Lee Allen
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network