Foundational: TesterFoundational principles of application security for testers. (Video Only)Total Learning Path Duration: 4 hours 8 minutesIntroduction to Security JourneyIntroduction to SecurityCore Security ConceptsAttacksAttackersThreat LandscapeThe Hacker MindsetSocial EngineeringSecurity MythsSecurity Culture and MindsetData BreachesSecurity Business CasePrioritizing SecurityTranslating SecurityRisk Managment for AppSecPrivacy and Customer Data ProtectionDealing with VulnerabilitiesSecurity at HomeTips for Secure Remote WorkOWASP UniverseKnowledge SourcesThreat Landscape: CloudIoT Threat LandscapeSecure Development LifecycleIntermediate: TesterIn-depth exploration of threat modeling, threats, security controls, and testing tools (Video + Hands On)Total Learning Path Duration: 4 hours 43 minutesSix Foundational Truths of Application SecuritySecurity RequirementsThreat Modeling BasicsThreat Modeling ProcessThreat Modeling (HackEDU)Input ValidationOutput EncodingAuthentication TheoryAuthorization TheoryLogging and Exception HandlingCryptographySoftware Supply ChainInjection: SQL and CommandCross Site Request Forgery (CSRF)Cross-Site Scripting (XSS) | Part 1Cross-Site Scripting (XSS) | Part 2Buffer Overflows and Remote Code ExecutionDenial of Service (DoS)Server-Side Request ForgeryInsecure CommunicationStatic Application Security Testing (SAST)Static Application Security Testing (SAST) (HackEDU)Dynamic Application Security Testing (DAST)Dynamic Application Security Testing (DAST) (HackEDU)Advanced: Web App TesterLearn about advanced testing tools, deep dive into web application threats and common application weaknesses, fundamentals of approaching security testing, and leveraging SWSTL. (Video + Hands On)Total Learning Path Duration: 5 hours 24 minutesThinking like a Penetration TesterVulnerability ScanningNext Generation AppSec ToolsPenetration Testing an Bug BountyOWASP Top 10 | Part 1OWASP Top 10 | Part 2OWASP Top 10 | Part 3CWE Top 25 | Part 1CWE Top 25 | Part 2CWE Top 25 | Part 3CWE Top 25 | Part 4Security Testing: Introduction to Web Application Security TestingSecurity Testing: Security Testing TruthsSecurity Testing: Security Testing TechniquesSecurity Testing: Web Application Penetration Testing ToolsSWSTL: Software Security Testing LifecycleSWSTL: Secure Requirements and Threat Modeling for TestersSWSTL: Building a Security Testing StrategySWSTL: Build Tests and ReviewSWSTL: Automate Security Tests | Part 1SWSTL: Automate Security Tests | Part 2SWSTL: Validating Security Findings and ControlsSecurity Testing: Client-Side Testing for DOM-XSSSecurity Testing: Server-Side Testing for Authentication Bypass
