Intellectual Point

Web App Penetration Testing with Burp Suite

Learning Objectives

Intellectual Point
Web app pen testing fundamentals

Web app security fundamentals

Intellectual Point
Web app security fundamentals

OWASP Test Framework

Intellectual Point
Burp Suite fundamentals

Course Schedule

OWASP Top 10 2017 (most current) – what we’ll be teaching:
  • Injection (A1:2017)
  • Broken Authentication (A2:2017)
  • Sensitive Data Exposure (A3:2017)
  • XML External Entities (XXE) (A4:2017)
  • Broken Access Control (A5:2017)
  • Security Misconfiguration (A6:2017)
  • Cross-Site Scripting (XSS) (A7:2017)
  • Insecure Deserialization (A8:2017)
  • Using Components with Known Vulnerabilities (A9:2017)
  • Insufficient Logging & Monitoring (A10:2017)

Training program

Who: This training is ideal for anyone interested in learning how to conduct cybersecurity penetration tests on web applications using the industry standard and highly popular tool, Burp Suite. Web developers who want to develop with security in mind will also benefit greatly from this training.

Why: Web applications pose a huge risk factor for organizations as they are often internet-facing or have the potential for abuse from threat actors who get past an organization’s perimeter. These applications often allow users of various roles to access company and client Personally Identifiable Information (PII), databases, and other sensitive data.

Penetration Tester Salary: $116,599 average annual salary according to Indeed.com for Penetration Tester in Washington, DC

Target audience:

  • Beginner-intermediate
  • Some web dev or pen test background helpful but not required
  • Red team and blue team are both welcome
  • Red team will learn how to effectively pen test web apps
  • Blue team will learn real-world hacker TTPs and how to detect web app attacks

Register For Class

Date

Type

Location

March: - 9:00 AM - 5:00 PM Sterling, VA + Live Virtual Register

Download Course PDF

Private Team Training

Enrolling at least 3 people in this course? Consider bringing this (or any course that can be custom designed) to your preferred location as a private team training

For details, call 704-554-3827

Event Presentation in crowded room

Come Learn With Intellectual Point

Price Match Guarantee!

We will match Competitor’s Price Quote.
Call for more details 703-554-3827

About the Instructor:

Ben brings a diverse background in cybersecurity, IT, law, and law enforcement to Polito. After earning his JD from William & Mary School of Law in 2010 and providing IT ande-discovery support to law firms, Ben joined Booz Allen Hamilton as a cybersecurity consultant in 2012. While a member of Advanced Persistent Threat (APT) hunt teams assigned to commercial and federal clients, Ben sharpened his network security monitoring, forensics, incident response, malware analysis, cyber threat intelligence, and security architecture skills. He has earned the CISSP, GIAC Certified Forensic Analyst (GCFA), GIAC Web Application Penetration Tester (GWAPT), and Splunk Certified Power User certifications. Ben is a member of the Maryland bar and volunteers at a pro bono legal clinic.

happy clients

What Our Customers Say - Based on over 600+ Reviews!

Our Top Customers
Training and Testing Partners