Recommended Path: Tester
This article describes our Recommended Tester Paths.
Foundational: Tester
Foundational principles of application security for testers. (Video Only)
Total Learning Path Duration: 4 hours 8 minutes
Introduction to Security Journey
Privacy and Customer Data Protection
Intermediate: Tester
In-depth exploration of threat modeling, threats, security controls, and testing tools. (Video + Hands On)
Total Learning Path Duration: 4 hours 43 minutes
Six Foundational Truths of Application Security
Logging and Exception Handling
Cross Site Request Forgery (CSRF)
Cross-Site Scripting (XSS) | Part 1
Cross-Site Scripting (XSS) | Part 2
Buffer Overflows and Remote Code Execution
Static Application Security Testing (SAST)
Static Application Security Testing (SAST) (HackEDU)
Dynamic Application Security Testing (DAST)
Dynamic Application Security Testing (DAST) (HackEDU)
Advanced: Web App Tester
Learn about advanced testing tools, take a deep dive into web application threats and common application weaknesses, and cover the fundamentals of approaching security testing and leveraging SWSTL. (Video + Hands On)
Total Learning Path Duration: 5 hours 24 minutes
Thinking like a Penetration Tester
Penetration Testing and Bug Bounty
Security Testing: Introduction to Web Application Security Testing
Security Testing: Security Testing Truths
Security Testing: Security Testing Techniques
Security Testing: Web Application Penetration Testing Tools
SWSTL: Software Security Testing Lifecycle
SWSTL: Secure Requirements and Threat Modeling for Testers
SWSTL: Building a Security Testing Strategy
SWSTL: Automate Security Tests | Part 1
SWSTL: Automate Security Tests | Part 2
SWSTL: Validating Security Findings and Controls
Security Testing: Client-Side Testing for DOM-XSS
Security Testing: Server-Side Testing for Authentication Bypass