Course Outline


Overview of Web Security Testing Guide

  • The OWASP Testing Project
  • Tailoring and prioritizing for organizations
  • Testing principles and techniques
  • Security testing objectives and requirements

Exploring Various Testing Techniques

  • Manual inspections and reviews
  • Threat modeling
  • Source code review
  • Penetration testing
  • Security test integration and data analysis

Understanding the OWASP Testing Framework

  • Activities from development to deployment
  • Maintenance and operations
  • Lifecycle end-to-end testing framework and workflow
  • Penetration testing methodologies

Performing Web Application Security Testing

  • Information gathering
  • Configuration and deployment management testing
  • Identity management testing
  • Authentication and authorization testing
  • Session management testing
  • Input validation testing
  • Testing for error handling
  • Testing for weak cryptography
  • Business logic testing
  • Client-side testing
  • API testing

Reporting the Testing Assessment and Results

  • Introduction section
  • Executive summary
  • Findings section
  • Appendices

Getting Involved in the Web Security Testing Guide

  • Referencing and linking WSTG scenarios
  • Code of conduct
  • Contribution guide
  • Feature requests and feedback

Summary and Conclusion


  • A general understanding of web development lifecycle
  • Experience in web application development, security, and testing


  • Developers
  • Engineers
  • Architects
  21 Hours


Related Courses

Web Security with the OWASP Testing Framework

  28 hours

Secure Developer Java (Inc OWASP)

  21 hours

Secure Developer .NET (Inc OWASP)

  21 hours

OWASP Top 10

  14 hours

OWASP Mobile Security Testing Guide

  21 hours

Python Programming - 4 days

  28 hours

Website Development in PHP

  21 hours

Design Patterns in PHP

  14 hours

Web Application Development in PHP

  21 hours

JavaScript - Advanced Programming

  14 hours

Administration with Powershell

  35 hours

Web Development with Symfony3

  28 hours

Web application development with Flask

  14 hours

Progressive Web Apps (PWA)

  14 hours

React: Build Highly Interactive Web Applications

  21 hours