In this course, I have covered all the Security Testing that are required for Beginners to get started with.

If you are a beginner or fresher or new to Security Testing, and want to figure out whether this Security Testing field is for you or not, then this course is for you. This is an overview course, where by the end of this course, you can find out whether Security Testing is for you or not, its opportunities, basic knowledge and guidance required for moving into Security Testing field from Software Testing field.

The below are the different basic topics that are covered in this course:

1. What is Security Testing?

2. Importance of Security Testing with Examples

3. Future (Jobs, Skill Shortage, Demand, unemployment rate, Pay scale and Career Advice)

4. Security Testing versus Vulnerability Assessment versus Penetration Testing

5. Security Testing Versus Hacking

6. Do not end up in Jail

7. Manual Security Testing Versus Security Testing Tools

8. CIA Triad : Basic High Level Objectives of Security Testing

9. Security Testing : Vulnerability versus Threat versus Risk

10. Security Testing (Basics) : HTTP Methods

11. Security Testing (Basics) : HTTP Status Codes

12. Security Testing (Basics) : Cookie

13. Security Testing (Basics) : Cookie versus Session ID versus Session

14. Security Testing (Basics) : Cryptography and different Techniques

15. Security Testing (Basics) : Symmetric Key Encryption

16. Security Testing (Basics) : Asymmetric Key Encryption

17. Security Testing (Basics) : Symmetric & Asymmetric Key Sizes

18. Security Testing (Basics) : Finding Asymmetric Key Encryption used by different websites

19. Security Testing (Basics) : Encoding and Decoding

20. Security Testing (Basics) : Hashing

21. Security Testing (Basics) : HTTP is Stateless

22. Security Testing (Basics) : HTTPS

23. Security Testing (Basics) : Input Validation and Output Encoding

24. Security Testing (Basics) : Client Side Validation versus Server Side Validation

25. Security Testing (Basics) : Blacklisting versus Whitelisting (Input Validation)

26. Security Testing Basics : SSL versus TLS

27. Security Testing Basics : HTTP versus HTTPS

28. Security Testing Basics : Authentication vesus Authorization

29. Security Testing Terminology : Payloads and Malicious Input

30. Security Testing Terminology : DAST

31. Security Testing : Demo Application for Practice

32. Security Tesitng Process (Testing Phase of SDLC)

33. OWASP

34. OWASP Top 10 Vulnerabilities

35. Injection vulnerability and different types

36. SQL Basics for SQL Injection

37. Attack Surface and Attack Vector

38. SQL Injection (SQLi)

39. Anatomy of SQL Injection Payload

40. Security Testing : Second Demo Application for Practice

41. SQL Injection Payload : Vulnerability Assessment

42. SQL Injection Attack Surface

43. Installing BurpSuite

44. Using BurpSuite as Proxy Tool for Intercepting Requests

45. Configuring BurpSuite as Proxy with Firefox browser

46. Configuring BurpSuite as Proxy for Chrome browser

47. Configuring BurpSuite as Proxy for Internet Explorer browser

48. Installing WebGoat

49. Bypassing Client Side Validation using BurpSuite

50. Increasing Attack Surface using BurpSuite