Web Application Penetration Testing: Configuration and Deployment Management Testing
This course will teach you how to perform systematic penetration testing of configuration and deployment management using OWASP principles.
Learn how to test the deployed configuration that your applications are released on. In this course, Web Application Penetration Testing: Configuration and Deployment Management Testing, you’ll learn how to perform systematic configuration and deployment management testing to ensure that misconfigurations, or mistakes made during application deployment, do not provide opportunities for attackers to compromise infrastructures or applications. First, you’ll discover how to validate network and infrastructure configuration. Next, you’ll explore testing the platform that applications are deployed upon. Then, you’ll learn how to ensure that backup configurations and administrative interfaces do not open you up to attacks. Finally, you’ll go through testing cross-domain policies for rich internet applications. By the end of this course, you’ll have an understanding of how OWASP testing principles can be leveraged to systematically test configuration and deployment management.
Author Name: Lee Allen
Author Description:
With over two decades of experience in the security industry, Lee is a seasoned professional with a proven track record of delivering top-notch security services to a diverse range of organizations. From Internet Service Providers and computer manufacturers to global pharmaceutical companies, public universities, and a major bank, Lee has worked with some of the biggest names in the industry. With experience as a leader of the penetration testing team at a large bank, Lee has developed deep expe… more
Table of Contents
- Course Overview
1min - Introduction
4mins - Testing Network and Infrastructure Configuration
14mins - Testing Application Platform Configuration
18mins - Testing File Handling
22mins - Looking for Sensitive Information
24mins - Enumerating and Attacking Administrative Interfaces
14mins - Testing HTTP Methods
5mins - Testing Cross-domain Policy for Rich Internet Applications (RIA)
12mins - Validating HTTP Strict Transport Security Headers (HSTS)
7mins - Course Wrap Up
4mins
There are no reviews yet.