Web Application PentestingLearn the essentials for becoming a web app pentester.
What you will learnThe first course in the learning path covers workstation setup, including installation and configuration of Burp Suite with the Firefox web browser. Certificate installation and proxy configurations are covered in order to allow newcomers to start pentesting immediately. The second course makes up the bulk of this learning path and focuses on the OWASP Top Ten vulnerabilities. Many real-world vulnerabilities are showcased for each of the ten topics and various demos are given on how to solve related challenges in both OWASP Juice Shop and Portswigger's Web Security Academy. The third course covers a variety of pentesting tools and Burp extensions such as Turbo Intruder, Intruder File Payload Generator, SQLMap and many more. The fourth course closes out the learning path with pentesting advice, a path recap and a look at the final project.
Web Application Pentesting Skill Assessment
Assessment - 36 questions
Introduction to Web Application Pentesting
Course - 01:03:00
OWASP Top Ten
Course - 09:16:00
Tool Setup and Usage
Course - 02:29:00
Conclusion to Web App Pentesting
Course - 01:58:00
Purple Team Web Application Security Project
Project - 02:34:00
OWASP Top 10 Cyber Range
Cyber range - 10:00:00
Learning path insights
How to claim CPEs
Should you complete this learning path, you’ll be able to download a certificate of completion. Use this to claim your CPEs or CPUs.
Associated NICE Work Roles
All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.
- All-Source Analyst
- Mission Assessment Specialist
- Exploitation Analyst
No software. No set up. Unlimited access.
Skip the server racks and spin up a realistic environment with one click. Infosec Skills cyber ranges require no additional software, hardware or server space so your team can spend less time configuring environments and more time learning. Unlimited cyber range access is included in every Infosec Skills subscription so your team can skill up however they learn best.
Plans & pricing
- Team administration and reporting
- Dedicated client success manager
Single sign-on (SSO)
Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
Integrations via API
Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
- 190+ role-guided learning paths and assessments (e.g., Incident Response)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Create and assign custom learning paths
- Custom certification practice exams (e.g., CISSP, CISA)
- Optional upgrade: Guarantee team certification with live boot camps