Short Course

Offensive Perspective - OWASP Security for Developers

Develop ”Out-of-box” thinking related to web secure coding and see security from an offensive perspective.

8 Hours of video content

Intermediate

Certificate of Completion Included

Check out Subscription Plans

Overview What You Will Learn Curriculum Instructor

Course Overview

This course provides developers with an in-depth understanding of web application security from an attacker's viewpoint. By focusing on the OWASP standards, this course equips learners with the skills to identify and address common security vulnerabilities found in modern web applications, ensuring they are better prepared to build secure code and defend against potential threats.

This course begins with a brief introduction and agenda, followed by an extensive overview of web penetration testing, covering information gathering, scanning, and enumeration techniques. Participants will learn how to exploit various vulnerabilities like XSS (Reflected and Stored), CSRF, OS Command Injection, and SQL Injection. It also covers the OWASP API and Web Top 10 vulnerabilities, emphasizing how to identify and exploit them. Additional topics include HTTP security headers, JSON Web Tokens, cryptography, and technical measures for best practices in security.

By the end of this course, you will have a solid understanding of offensive security techniques and how to secure your applications against OWASP vulnerabilities.

What You Will Learn

Explore Secure WordPress Websites.
Best practices when it comes to secure coding for web developers.
Dive deep into the OWASP Top 10 Web vulnerabilities.
\Out-of-box thinking\ when it comes to exploiting certain vulnerabilities.
Learn certain tools and frameworks for offensive perspective.

Program Curriculum

Agenda

Overview of Web Penetration Testing
Information Gathering - Part 1
Information Gathering - Part 2
Information Gathering - Part 3
Scanning and Enumeration
Mapping
Attacking the Users - Reflected XSS
Attacking the Users - Stored XSS
Attacking the Users - CSRF, Clickjacking, Open Redirect
Attacking the Server - OS Command Injection
Attacking the Server - SMTP Injection
Attacking Authentication
Attacking the Datastore (SQLi) - Part 1
Attacking the Datastore (SQLi) - Part 2
Chapter 2 Quiz

API OWASP Top 10 - Part 1
API OWASP Top 10 - Part 2
Chapter 3 Quiz

Web OWASP Top 10
Chapter 4 Quiz

HTTP Security Headers
Chapter 5 Quiz

JSON Web Tokens
Chapter 6 Quiz

Technical Measures and Best Practices - Part 1
Technical Measures and Best Practices - Part 2

Cryptography - Part 1
Cryptography - Part 2
Chapter 8 Quiz

Load more modules

Instructor

Gabriel Avramescu

Gabriel Avramescu is a Senior Information Security Consultant and an IT Trainer with certifications like OSWE (Offensive Security Web Expert), CREST Registered Penetration Tester (CRT), ECIH (EC-Council Incident Handling), Ec-Council ICS-SCADA Cybersecurity, OSCE (Offensive Security Certified Expert), OSWP (Offensive Security Wireless Professional), OSCP (Offensive Security Certified Professional), CHFI (Computer Hacking Forensic Investigator), ISO 270001 Lead Auditor, ECSA (EC-Council Security Analyst), CEH (Certified Ethical Hacker), CCNA and CCNA Security, CCNP Routing and CCNP Switching, Advanced Linux&InfoSEC, VMWare vSphere Install, Configure, Manage, and Microsoft Certified Technology Specialist (MCTS/MCP 70-642): Microsoft Windows Server 2008 Network Infrastructure, etc.

Buy this course now

$99.99

Get Immediate access for one year today!

Upgrade to Pro Plans and Get Full Access Today!

Get this course, along with 700+ courses and 50+ learning paths and more in one subscription. Learn more

Unlock All Access

Plans start from $33/mo. Cancel anytime.

Join over 1 Million professionals from the most renowned Companies in the world!

Empower Your Learning with Our Flexible Plans

Invest in your future with our flexible subscription plans. Whether you're just starting out or looking to enhance your expertise, there's a plan tailored to meet your needs. Gain access to in-demand skills and courses for your continuous learning needs.

Monthly Plans

Annual Plans

Save 20% with our annual plans!

Pro

Ideal for continuous learning, offering extensive resources with 600+ courses and diverse Learning Paths to enhance your skills.

^$ 499.00

Billed annually or $59.00 billed monthly

Get Started Now

Start your 7-day trial for $1

What is included

700+ Premium Short Courses
50+ Structured Learning Paths
Validation of Completion with all courses and learning paths
New Courses added every month

Early Access Offer

Pro +

Experience immersive learning with Practice Labs, CTF Challenges, and exclusive EC-Council certifications for comprehensive skill-building.

^$ 599.00

Billed annually or $69.00 billed monthly

Get Started Now

Start your 7-day trial for $1

Everything in Pro and

800+ Practice Lab exercises with guided instructions
150+ CTF Challenges with detailed walkthroughs
New Practice Labs and Challenges added every month
3 Official EC-Council Essentials Certifications¹ (retails at $897!)
Exclusive Bonus with Annual Plans

¹This plan includes Digital Forensics Essentials (DFE), Ethical Hacking Essentials (EHE), and Network Defense Essentials (NDE) certifications. No other EC-Council certifications are included.

Related Courses

Hands-on FortiGate Firewall

Short Course

Hands-on FortiGate Firewall

Security Architecture and Operations

Learn how to deploy the FortiGate NGFW and how to configure the most common features of FortiGate Next-Gen Firewalls

Learn how to deploy the FortiGate NGFW and how to configure t...

$99.99

Intermediate

3 hr 0 m

Hello
Hands-on SELinux

Short Course

Hands-on SELinux

Security Architecture and Operations

Learn SELinux Basics: Implement Security Policies, Troubleshoot, and Protect Linux Systems Effectively.

Learn SELinux Basics: Implement Security Policies, Troublesho...

$49.99

Beginner

5 hr 28 m

Hello
Complete Bash Shell Scripting

Short Course

Complete Bash Shell Scripting

Security Architecture and Operations

Automate repetitive tasks with Bash Shell Scripting to save valuable time

Automate repetitive tasks with Bash Shell Scripting to save v...

$79.99

Intermediate

18 hr 10 m

Hello
Installing and Mitigating Linux Rootkits

Short Course

Installing and Mitigating Linux Rootkits

Security Architecture and Operations

Understanding the threat posed by rootkits in Linux and potential mitigations.

Understanding the threat posed by rootkits in Linux and poten...

$59.99

Advanced

3 hr 0 m

Hello
Start Hacking and Making Money Today at HackerOne

Short Course

Start Hacking and Making Money Today at HackerOne

Security Architecture and Operations

Hack Legally and Get Paid for Your Findings

Hack Legally and Get Paid for Your Findings

$59.99

Beginner

1 hr 9 m

Hello
PowerShell Scripting Essentials: Anatomy of Logging – Developing a Logging Module

Short Course

PowerShell Scripting Essentials: Anatomy of Logging – Developi...

Security Architecture and Operations

How to write a PowerShell module that contains functions to do logging for our scripts

How to write a PowerShell module that contains functions to d...

$69.99

Intermediate

6 hr 1 m

Hello
Machine Learning for Application in Digital Forensics

Short Course

Machine Learning for Application in Digital Forensics

Security Architecture and Operations

Unlocking the Potential of Machine Learning: From Theory to Practice

Unlocking the Potential of Machine Learning: From Theory to P...

$99.99

Intermediate

4 hr 0 m

Hello
Applied Python Cryptography

Short Course

Applied Python Cryptography

Security Architecture and Operations

Securing your Python code and protecting your users private information by utilizing simple, powerful, and free cryptographic libraries

Securing your Python code and protecting your users private i...

$79.99

Intermediate

4 hr 0 m

Hello