Application Security Testing and SDLC for Developers
Offered By: YouTube
Course Description
Overview
Explore app security testing and secure development lifecycle practices in this 58-minute conference talk. Learn about integrating security into the development process, production testing techniques, and essential hacking tools. Discover four key steps in security testing: reconnaissance, mapping, vulnerability assessment, and exploitation. Gain insights into active web scanners, GUI tools, and command-line utilities like Skipfish. Examine proxy-based tools such as Burp Suite, OWASP ZAP, and Fiddler for in-depth web application testing. Acquire practical knowledge on using SQL maps and implementing a comprehensive web test framework to enhance your application security skills.
Syllabus
Intro
About James Jardine
Agenda
Development Life Cycle
Integrating Security
Production Testing
Hacking Tools
Open Source Tools
Four Steps
Reconnaissance
Mapping
Vulnerability Assessment
Vulnerability Exploitation
Active Web Scanners
GUI Overview
GUI Run
Scripting
Skipfish
Skipfish Findings
Skipfish Command Line
Dictionary Mode
HTML Report
Wrap Proxy
Scan Proxy
Report
Burp
Site Map
Scanner
OAuthZ
Attack Proxy
HTML Reports
Fiddler
Watcher
Web Test Framework
Samurai
SQL Maps
Practice
Wrap Up
Questions
Related Courses
Network SecurityGeorgia Institute of Technology via Udacity Proactive Computer Security
University of Colorado System via Coursera Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery
(ISC)² via Coursera Hacker101
HackerOne via Independent CNIT 127: Exploit Development
CNIT - City College of San Francisco via Independent