Overview What You Will Learn Curriculum Instructor

Course Overview

Unless you try to exploit a vulnerability yourself, no reading will give you the required know-how to fully understand the impact and look for and avoid such weaknesses in your applications.

To become a better professional, you should have a great understanding of the most critical web application security risks. This is mandatory for IT students, job seekers, software developers, testers, and application managers.

The OWASP Top 10 “is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications”.

This course follows a hands-on approach: you’ll exploit at least ten vulnerabilities in a deliberately vulnerable web application. In each session, we will review and briefly discuss a single OWASP Top 10 risk, and then you’ll be guided to search and exploit that weakness in the target application. Since you’ll have access to the web application source code, you’ll be able to spot the vulnerable source code and fix it.

After completing this course, you’ll be comfortable answering security-related questions in your next job interview or bringing security into your organization and into the Software Development Life Cycle (SDLC).

What You Will Learn

  • How to use the OWASP Top 10 to ensure your applications minimize the security risks in the list
  • How Web Applications are built and delivered on top of the HTTP protocol
  • Threat agents
  • attack vectors
  • and impact of the ten most critical web application security risks
  • Identify and mitigate the ten most critical security risks by reviewing vulnerable source code
  • Common exploitation techniques used to test software security

Program Curriculum

  • Welcome
  • Introduction to the OWASP Top 10
  • How the World Wide Web Works
  • $7 Million Cybersecurity Scholarship by EC-Council
  • Chapter 1 Quiz

  • Threat Analysis
  • Exploitation
  • Mitigation
  • Chapter 2 Quiz

  • Threat Analysis
  • Exploitation
  • Mitigation
  • Chapter 3 Quiz

  • Threat Analysis
  • Exploitation
  • Mitigation
  • Chapter 4 Quiz

  • Threat Analysis
  • Exploitation
  • Mitigation
  • Chapter 5 Quiz

  • Threat Analysis
  • Exploitation
  • Mitigation
  • Chapter 6 Quiz

  • Threat Analysis
  • Exploitation
  • Mitigation
  • Chapter 7 Quiz

  • Threat Analysis
  • Exploitation
  • Mitigation
  • Chapter 8 Quiz

  • Threat Analysis
  • Exploitation
  • Mitigation
  • Chapter 9 Quiz

  • Threat Analysis
  • Exploitation
  • Mitigation
  • Chapter 10 Quiz

  • Threat Analysis
  • Exploitation
  • Mitigation
  • Chapter 11 Quiz

OWASP Top 10 – 2021?

  • Threat Analysis?
  • Exploitation?
  • Mitigation?
Load more modules

Instructor

Paulo Silva Silva

Ethical Hacker / Security Researcher

Paulo Silva holds a bachelor’s degree in computer science and a master in Innovation and Technological Entrepreneurship. With more than 15 years professional experience as software developer, in the last 6 years he has been completely focused on security. Nowadays he is an independent senior security researcher, collaborating with several organizations to find and fix security weaknesses in their systems.

Since 2010 Paulo is OWASP’s volunteer contributing to several projects such as the OWASP Top 10 and OWASP API Security Top 10 in which he is the main contributor. He’s also the OWASP Go Secure Coding Practices project leader.

Used to attend security conferences all over the world, Paulo is frequently invited to deliver awareness and security training in the academia. He has also authored several security articles and secure programming guides.

Join over 1 Million professionals from the most renowned Companies in the world!

certificate

Empower Your Learning with Our Flexible Plans

Invest in your future with our flexible subscription plans. Whether you're just starting out or looking to enhance your expertise, there's a plan tailored to meet your needs. Gain access to in-demand skills and courses for your continuous learning needs.

Monthly Plans
Annual Plans
Save 20% with our annual plans!

Pro

Ideal for continuous learning, offering extensive resources with 600+ courses and diverse Learning Paths to enhance your skills.

$ 499.00
Billed annually or $59.00 billed monthly
Get Started Now
Start your 7-day trial for $1

What is included

  • 700+ Premium Short Courses
  • 50+ Structured Learning Paths
  • Validation of Completion with all courses and learning paths
  • New Courses added every month
Early Access Offer

Pro +

Experience immersive learning with Practice Labs, CTF Challenges, and exclusive EC-Council certifications for comprehensive skill-building.

$ 599.00
Billed annually or $69.00 billed monthly
Get Started Now
Start your 7-day trial for $1

Everything in Pro and

  • 800+ Practice Lab exercises with guided instructions
  • 150+ CTF Challenges with detailed walkthroughs
  • New Practice Labs and Challenges added every month
  • 3 Official EC-Council Essentials Certifications¹ (retails at $897!)
    Exclusive Bonus with Annual Plans

¹This plan includes Digital Forensics Essentials (DFE), Ethical Hacking Essentials (EHE), and Network Defense Essentials (NDE) certifications. No other EC-Council certifications are included.

Related Courses

  • Hands-on FortiGate Firewall

    Hands-on FortiGate Firewall

    Short Course

    Hands-on FortiGate Firewall

    Security Architecture and Operations

    Learn how to deploy the FortiGate NGFW and how to configure t...

    $99.99

    Intermediate

    3 hr 0 m

  • Hands-on SELinux

    Hands-on SELinux

    Short Course

    Hands-on SELinux

    Security Architecture and Operations

    Learn SELinux Basics: Implement Security Policies, Troublesho...

    $49.99

    Beginner

    5 hr 28 m

  • Complete Bash Shell Scripting

    Complete Bash Shell Scripting

    Short Course

    Complete Bash Shell Scripting

    Security Architecture and Operations

    Automate repetitive tasks with Bash Shell Scripting to save v...

    $79.99

    Intermediate

    18 hr 10 m

  • Installing and Mitigating Linux Rootkits

    Installing and Mitigating Linux Rootkits

    Short Course

    Installing and Mitigating Linux Rootkits

    Security Architecture and Operations

    Understanding the threat posed by rootkits in Linux and poten...

    $59.99

    Advanced

    3 hr 0 m

  • Start Hacking and Making Money Today at HackerOne

    Start Hacking and Making Money Today at HackerOne

    Short Course

    Start Hacking and Making Money Today at HackerOne

    Security Architecture and Operations

    Hack Legally and Get Paid for Your Findings

    $59.99

    Beginner

    1 hr 9 m

  • PowerShell Scripting Essentials: Anatomy of Logging – Developing a Logging Module

    PowerShell Scripting Essentials: Anatomy of Logging – Developing a Logging Module

    Short Course

    PowerShell Scripting Essentials: Anatomy of Logging – Developi...

    Security Architecture and Operations

    How to write a PowerShell module that contains functions to d...

    $69.99

    Intermediate

    6 hr 1 m

  • Machine Learning for Application in Digital Forensics

    Machine Learning for Application in Digital Forensics

    Short Course

    Machine Learning for Application in Digital Forensics

    Security Architecture and Operations

    Unlocking the Potential of Machine Learning: From Theory to P...

    $99.99

    Intermediate

    4 hr 0 m

  • Applied Python Cryptography

    Applied Python Cryptography

    Short Course

    Applied Python Cryptography

    Security Architecture and Operations

    Securing your Python code and protecting your users private i...

    $79.99

    Intermediate

    4 hr 0 m

1 8