There are more web applications than ever these days and a greater need than ever to make them secure. Web penetration testing is the use of tools and code to attack a website or web app to assess its vulnerabilities to external threats. This course will walk you through the web application penetration testing methodology, showing you how to write your own tools with Python for every main activity in the process.
- Get an overview of the web application penetration testing process & the tools used
- Learn HTTP & how to interact w/ web applications using Python and the Requests library
- Test tools against a vulnerable web application
Details & Requirements
- Length of access: lifetime
- Access options: download for offline access
- Certification of completion not included
- Redemption deadline: redeem your code within 30 days of purchase
- Experience level required: all levels
Christian Martorella has been working in the field of Information Security for the last 16 years, and is currently working as Principal Program Manager in the Skype Product Security team at Microsoft. Christian's current focus is on software security and security automation in a Devops world.
Before this, he was the Practice Lead of Threat and Vulnerability for Verizon Business, where he led a team of consultants in delivering security testing services in EMEA for a wide range of industries including Financial Services, Telecommunications, Utilities, and Government.
Christian has been exposed to a wide array of technologies and industries, which has given him the opportunity to work in every possible area of IT security and from both sides of the fence, providing him with a unique set of skills and vision on Cyber Security.
He is the co-founder and an active member of Edge-Security team, who releases security tools and research. Christian has contributed to open source security testing and information gathering tools such as OWASP WebSlayer, Wfuzz, theHarvester, and Metagoofil, all included in Kali, the penetration testing Linux distribution.
Christian presented at Blackhat Arsenal USA, Hack.Lu, What The Hack!, NoConName, FIST Conferences, OWASP Summits, OWASP meetings (Spain, London, Portugal, and Venice), and Open Source Intelligence Conference (OSIRA). In the past, Christian has organized more than 20 FIST Conferences in Barcelona, providing a forum for professionals and amateurs interested in Security Testing. Christian holds a Master's degree in Business Administration from Warwick Business School, and multiple security certifications such as CISSP, CISM, CISA, OPSA, and OPST.