OWASP Top 10: A1 - Injection

OWASP 2021 | Intermediate

7 Videos | 40m 1s
Includes Assessment
Earns a Badge

From Channel:

OWASP

From Journey:

Web App Vulnerability Analyst

Many web applications accept input from either external data sources or app users. In this course, you'll learn about various types of injection attacks such as SQL and command injections. You will learn how malicious users submit malicious code or commands to a web app for execution by the web server stack. Next, you'll learn how to test a web app for injection vulnerabilities using the OWASP ZAP tool. Next, you'll set low security for a vulnerable web application tool in order to allow the execution of injection attacks. Next, you'll execute various types of injection attacks against a web application. Lastly, you will learn how to mitigate injection attacks using techniques such as input validation and input sanitization.

WHAT YOU WILL LEARN

discover the key concepts covered in this course

recognize types of injection attacks

test a web app for injection vulnerabilities using the OWASP Zed Attack Proxy (ZAP) tool

use freely available tools to run a SQL injection attack against a web application
use freely available tools to run a command injection attack against a web application

mitigate injection attacks using techniques such as fuzzing and input validation and sanitization

summarize the key concepts covered in this course

IN THIS COURSE

1.

Course Overview

1m 37s

UP NEXT
2.

Injection Attacks

9m 27s
3.

Testing for Injection Attack Vulnerabilities

6m 6s

FREE ACCESS
4.

Executing a SQL Injection Attack

7m 19s

FREE ACCESS
5.

Executing a Command Injection Attack

8m 13s

FREE ACCESS
6.

Mitigating Injection Attacks

6m 33s

FREE ACCESS
7.

Course Summary

47s

FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform

Digital badges are yours to keep, forever.

COURSE OWASP Top 10: A4 - XML External Entities

COURSE OWASP Top 10: A05:2021-Security Misconfiguration

COURSE CEH v11: Web Application Attacks & Vulnerabilities

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

COURSE CompTIA PenTest+: Information Gathering

COURSE Mobile Security Threats

COURSE OWASP: Top 10 & Web Applications

Get Started

Sharpen your skills. Upgrade your career. Find the right learning path for you, based on your role and skills. Take part in hands-on practice, study for a certification, and much more - all personalized for you.

*Content items for Compliance and Leadership are not included in this subscription.

Your content + our content + our platform = a path to learning success

Using our learning experience platform, Percipio, your learners can engage in custom learning paths that can feature curated content from all sources.

Learn More

Aspire to something bigger

Aspire Journeys are guided learning paths that set you in motion for career success.

Browse Aspire Journeys

Explore a world of live learning with Global Knowledge

Choose from convenient delivery formats to get the training you and your team need - where, when and how you want it.

Browse Live Learning

OWASP Top 10: A1 - Injection

WHAT YOU WILL LEARN

IN THIS COURSE

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

YOU MIGHT ALSO LIKE

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE