Table of Content
Web Technology Basics
- Web Application
- HTML
- CSS
- JavaScript
- Document Object Model (DOM)
- XPath
- Popular Web Browsers
- Inspecting Elements in Browser
- TCP/IP Protocol Architecture
- Internet Protocol
- Transport Layer
Software Testing Basics
- Scope
- Functional vs. Non-Functional testing
- Defects and Failures
- Finding Faults Early
- Compatibility
- Input Combinations and Preconditions
- Static vs. Dynamic Testing
- Software Verification and Validation
- The Software Testing Team
- Software Quality Assurance (SQA)
- Testing Methods - The box approach
Security Concepts
- Security Principles
- Identification and Authentication
- Attack Types
- Social Engineering
- Steganography
Information Gathering
- Information Gathering Basics
- DNS, whois and ARIN records
- Using traceroute, e-mail tracking and web spider
- Google Hacking
- Popular Information Gathering Tools
Vulnerability Analysis
- Vulnerability Analysis Basics
- Identifying and Removing Vulnerabilities
- Vulnerability Naming
- Vulnerability Assessment Tools
Exploitation Techniques
- Attack Vector
- SQL Injection
- Buffer Overflow
- Cross-Site Scripting or XSS
- CSRF
- Hidden Fields
- Web-Based Password Cracking
- Cookies Attack
- URL Obfuscation
- Arbitrary Code Execution
- File Inclusion Vulnerability
- Man-in-Middle Attack
Client Side Web Application Security
- DOM-based Cross site scripting
- JavaScript Execution
- HTML Injection
- Client Side URL Redirect
- CSS Injection
- Client Side Resource Manipulation
- Cross Origin Resource Sharing
- Cross Site Flashing
- Clickjacking
- WebSockets
- Web Messaging
- Local Storage
Server Side Web Application Security
- Configuration and Deployment Management Testing
- Identity Management Testing
- Authentication Testing
- Authorization Testing
- Session Management Testing
- Input Validation Testing
- Error Handling
- Cryptography
- Business Logic Testing
Web Application Security Test Design
- Test Design
- Web Application Security Testing Challenges
- Web Application Security Testing Requirements Gathering
- Web Application Security Testing High Level Design
- Web Application Security Testing Low level Design
- OWASP Web Security Testing Framework
Web Application Security Test Execution
- Unit Testing
- Integration Testing
- Web Application Security Test Development
- Web Application Security Testing Defects
- Defects Reporting
- SAST
- DAST
- Web Application Security Testing Tools
Apply for Certification
https://www.vskills.in/certification/testing/web-application-security-testing-certification-course