This 5-day course provides an understanding of basic principles of web application security. Most of the times we will be focusing on penetration testing, although the course will also deal with prevention measures and advice for developers.
- Understand the most important web application vulnerabilities: how they can be identified and exploited and how to protect against them.
- Web application pen-testing.
- Basic handling of manual scanning tools like Burp Suite.
- Knowledge of additional resources: web app firewalls, educational web apps, OWASP, etc.
- Network basics (IP’s, TCP, ports, client – server protocols, SSL).
- Basic shell commands (Linux and/or Windows).
- Some server side coding experience will be highly beneficial, although not essential.
Pre-study e-Learning material
ADL 346 Web Application Security (Pre-study material for Web Applications Attack and Defence Course) on the NATO e-Learning website (JADL – https://jadl.act.nato.int/)