The OWASP top 10, mobile top 10 and API 10 demystified - A guide for pentesters, bug bounty hunters and managers

A practical guide for ethical hackers, developers and software testers to the 10 most prevalent security defects of 2017

What you'll learn

The top 10 web vulnerabilities of 2017
The OWASP top 10 in an understandable manner
How to ethically check and implement defences against the OWASP top 10

Who is this course for?

This course is for everyone who needs to work with the OWASP top 10 but found the guide made by OWASP hard to apply or understand like me i have created this course after performing deep research on all the mentioned topics and learning how to apply these techniques. On several topics we will provide hack-a-long video's to make the topics covered visual which allows for a better understanding and it makes it so that you don't need an extreme level of knowledge to get started with this wonderful list.

Even though we have done everything in our power to make this course as beginner friendly, a basic understanding of web applications such HTTP(s) methods such as GET and POST and what is meant by a parameter.

Contents

- A video and PDF covering every topic in the OWASP top 10 as seen from the perspective of testers, developers and managers

- Extra content on several topics where applicable

- Hack along demo video's demonstrating several vulnerability types where applicable

Who this course is for:
Developers who want to learn how bad actors attack their code so they can protect it
Ethical hackers who want to improve their repetoire
Managers who want to gain an understanding of how bad actors attack their application


Your Instructor


Experts with David Bombal
Experts with David Bombal

David Bombal, together with some of the best minds in the industry is offering courses on a wide range of topics including networking, programming and software development. Our team has decades of experience teaching students from all over the world.

Together we can do more!

David Bombal (CCIE #11023 Emeritus) passed his Cisco Certified Internetwork Expert Routing and Switching exam in January 2003 and is one of a small percentage of Cisco Engineers that pass their CCIE labs on their first attempt.

David qualified as a Cisco Certified Systems Instructor (CCSI #22787) many years ago! He has been training Cisco courses for over 15 years and has delivered instructor led courses in various countries around the world covering a wide range of Cisco topics from CCNA to CCIE.

He has also personally developed Cisco engineer utilities such as the VPN Config Generator, software, training materials, EBooks, videos and other products which are used throughout the world.

David has designed, implemented and managed networks ranging from single sites to those that span 50 countries.


Wesley Thijs
Wesley Thijs

I am the XSS Rat, an experienced ethical hacker who stands for quality and who believes knowledge is a building block we can all use to grow bigger than we ever were.

As a software test i have a unique skill set that centers around logic flaws and IDORs which i have not seen very much by other hunters.

This gives me the advantage of finding less duplicates and maximizing my chance of finding a vulnerability by picking the correct target and applying the correct test strategy.


Course Curriculum


  Getting Help
Available in days
days after you enroll
  OWASP top 10 - Protection against .. as a developer
Available in days
days after you enroll
  OWASP top 10 of 2021 - Theory
Available in days
days after you enroll
  OWASP top 10 of 2017- Theory
Available in days
days after you enroll
  OWASP top 10 of 2017 - Demonstrations and practicals
Available in days
days after you enroll
  OWASP API top 10 - Videos
Available in days
days after you enroll
  OWASP API top 10 - PDFs
Available in days
days after you enroll
  OWASP API top 10 - Quizzes
Available in days
days after you enroll
  OWASP Mobile top 10
Available in days
days after you enroll
  Extra: XSS
Available in days
days after you enroll
  EXTRA: A6.2017 Security Misconfiguration
Available in days
days after you enroll
  Extra XXE
Available in days
days after you enroll

Frequently Asked Questions


When does the course start and finish?
The course starts now and never ends! It is a completely self-paced online course - you decide when you start and when you finish.
How long do I have access to the course?
How does lifetime access sound? After enrolling, you have unlimited access to this course for as long as you like - across any and all devices you own.
What if I am unhappy with the course?
We would never want you to be unhappy! If you are unsatisfied with your purchase, contact us in the first 30 days and we will give you a full refund.

Get started now!