Nie odkładaj rozwoju na później. Kursy Python, Data, AI i inne taniej do 24 marca.
Sprawdź
Trainings listAI

OWASP & Security Testing in DVWA Training

Level

Beginner

Duration

16h / 2 days

Date

Individually arranged

Price

Individually arranged

OWASP & Security Testing in DVWA Training

The OWASP & Security Testing in DVWA training is a practical introduction to web application security based on one of the most popular testing platforms – Damn Vulnerable Web Application (DVWA). During the course, you will learn about key vulnerabilities from the OWASP Top 10 list, how to install and configure a testing environment, conduct penetration tests, and analyze their results. The training has a workshop format, allowing you to safely practice real-world attacks and defense methods in a controlled environment.

Who is this training for?
  • logo infoshare Developers who want to learn the most common security mistakes in applications
  • logo infoshare Software testers entering the field of security testing
  • logo infoshare System administrators and DevOps teams interested in strengthening web application security
  • logo infoshare People starting a career in cybersecurity

What You Will Learn

  • To understand the mission and key projects of OWASP, including the OWASP Top 10 list
  • To install and configure a testing environment (Kali Linux, DVWA)
  • To perform penetration testing of web applications in low, medium, and high modes
  • To detect and exploit common vulnerabilities: SQL Injection, XSS, CSRF, LFI/RFI, Path Traversal, Command Injection
  • To use basic pentesting tools (Burp Suite, sqlmap, Hydra)
  • To apply best practices for securing web applications and reducing risk

Training Program

  1. Day 1

  • Module 1: Introduction to Web Application Security

    • What OWASP is – mission, goals, and projects
    • Overview of the OWASP Top 10 (latest version)
    • The importance of security in the application lifecycle
  • Module 2: Preparing the Environment

    • Installing Kali Linux (VirtualBox / VMware)
    • Updating and configuring the system
    • Installing and configuring DVWA (Damn Vulnerable Web Application)
    • Running Apache and MySQL services
    • Accessing DVWA in the browser
  • Module 3: Basics of Testing

    • Introduction to penetration testing methodology
    • Security levels in DVWA (low, medium, high)
    • Working in a controlled laboratory environment

  1. Day 2

  • Module 4: Key Web Application Vulnerabilities

    • Path Traversal – accessing files outside the application directory
    • Local File Inclusion (LFI)
    • Remote File Inclusion (RFI)
    • SQL Injection – manipulating database queries
    • Command Injection – executing system commands
    • Cross-Site Scripting (XSS)
    • Cookie manipulation and session hijacking
    • Brute-force attacks on application login
    • Cross-Site Request Forgery (CSRF)
    • File upload vulnerabilities
  • Module 5: Tools in Security Testing

    • Kali Linux tools:
      • Burp Suite
      • sqlmap
      • Hydra
    • Browser and developer tools
    • HTTP/HTTPS traffic analysis
  • Module 6: Summary

    • How to secure web applications
    • Best practices in secure coding
    • Further learning resources:
      • OWASP Cheat Sheets
      • DVWA documentation

Contact us

we will organize training for you tailored to your needs

Przemysław Wołosz

Key Account Manager

przemyslaw.wolosz@infoShareAcademy.com

    The controller of your personal data is InfoShare Academy Sp. z o.o. with its registered office in Gdańsk, al. Grunwaldzka 427B, 80-309 Gdańsk, KRS: 0000531749, NIP: 5842742213. Personal data are processed in accordance with information clause.