Practical Web Application Vulnerability Assessment and Penetration Testing with Linux and OWASP Tools
Instructor: Johnny Chuah
The class session will introduce participants to the concepts, methodologies and tools employed in web application penetration testing. Starting from using automated reports through scanners to more detailed manual testing, analyses of findings, verification and validation through secondary tools, to penetration and execution of exploits to obtain system access and compromise.
Methodology – Overview of OWASP Web Application Penetration Testing Methodology
Using scanners, automated reports to gather information, footprint a system and application.
Description and basics of session cookies
- Have some familiarity with Linux, basic file and script editing, and running and piping commands from the Linux terminal.
What Students Should Bring
- Have a laptop with Linux as the main host operating system or within a guest virtual machine. You can have Linux running in VMware, VirtualBox or Hyper-V. Install the OWASP ZAP (Zed Attack Proxy) tool – https://github.com/zaproxy/zaproxy/wiki/Downloads
Johnny Chuah has been with MicroSolved, Inc since 2015 as a security engineer. Prior to that, he taught databases, servers and security at Hocking College for 14 years and was an adjunct faculty at Franklin University teaching Windows Administration for 8 years. He is deeply motivated to sharing and helping others be more security aware with networked devices and applications.
Date and Time
October 12, 2018
- Morning session: 8:30 AM to 12 at noon
- Lunch break: 12:00 to 1:00 PM
- Afternoon session: 1:00 PM to 4:30 PM
Go to registration page to register for the training course and select “Ohio LinuxFest Institute Professional Pass”. During the registration process, you will get an option to select your training program.