Главная
Study mode:
on
1
Intro
2
About James Jardine
3
Agenda
4
Development Life Cycle
5
Integrating Security
6
Production Testing
7
Hacking Tools
8
Open Source Tools
9
Four Steps
10
Reconnaissance
11
Mapping
12
Vulnerability Assessment
13
Vulnerability Exploitation
14
Active Web Scanners
15
GUI Overview
16
GUI Run
17
Scripting
18
Skipfish
19
Skipfish Findings
20
Skipfish Command Line
21
Dictionary Mode
22
HTML Report
23
Wrap Proxy
24
Scan Proxy
25
Report
26
Burp
27
Site Map
28
Scanner
29
OAuthZ
30
Attack Proxy
31
HTML Reports
32
Fiddler
33
Watcher
34
Web Test Framework
35
Samurai
36
SQL Maps
37
Practice
38
Wrap Up
39
Questions
Description:
Explore app security testing and secure development lifecycle practices in this 58-minute conference talk. Learn about integrating security into the development process, production testing techniques, and essential hacking tools. Discover four key steps in security testing: reconnaissance, mapping, vulnerability assessment, and exploitation. Gain insights into active web scanners, GUI tools, and command-line utilities like Skipfish. Examine proxy-based tools such as Burp Suite, OWASP ZAP, and Fiddler for in-depth web application testing. Acquire practical knowledge on using SQL maps and implementing a comprehensive web test framework to enhance your application security skills.

Application Security Testing and SDLC for Developers

Add to list
#Information Security (InfoSec) #Cybersecurity #Application Security #Penetration Testing #Ethical Hacking #Burp Suite #SQL Injection #Computer Science #Software Engineering #Software Development Life Cycle #Vulnerability Assessment #Programming #Software Development #Software Testing #Web Application Testing #Web Development #Fiddler #Web Security #OWASP ZAP
0:00 / 0:00
1 of 39

Intro