Practical Web security testing training courses:
I. Common Web Security Vulnerabilities
1. Hacker Technical Analysis
2. Introduction to common hacker tools
3. Common Web Attacks
Ii. Web Security Vulnerability Detection
1. Http Security Test
2. url query string tampering, post data tampering, Cookie tampering, and HTTP header tampering
3. Http security vulnerability check, common tools, and Case Analysis
4. Cross-site scripting (XSS) method and XSS Principle Analysis
5. XSS attack and defense drills and case analysis
6. XSS vulnerability detection methods, tools, and code reviews
7. security consequences caused by XSS and how to prevent XSS
8. Hide form field vulnerabilities and case analysis
9. Check methods, tools, and code for hiding form fields
10. DoS attack and DOS principles
11. DoS attack and defense drills and case analysis
12. DoS attack check
13. How to Prevent DoS Attacks
14. SQL injection attack methods and principles
15. SQL injection attack and defense drills and case analysis
16. SQL Injection check methods, tools, and code review
17. security consequences caused by SQL injection and how to prevent SQL Injection
18. Command Injection Vulnerabilities, attack methods, and case studies
19. Detect command injection vulnerabilities through code review
20. xml Security Vulnerabilities
21. XPath injection, XML bomb, XXE attack, and Case Analysis
22. Information Leakage
23. Forceful browsing, exposure of excessive information, and Case Analysis
24. How to Avoid information leakage and code review
Iii. Software Security R & D process
1. Application of Software Security R & D process, security modeling, and security modeling tools
2. Write Secure Code
3. Introduction to software security testing methods and common security testing tools
4. altoroj Project Security Test Drill
Http://gdtesting.gotoip55.com/news.php? Id = 15