Web application security is the branch of Information Security that deals specifically with the security of websites, web applications, and web services. At a high level, web application security draws on the principles of application security but applies them specifically to internet and web systems.
The course starts from the basics of web applications by defining the web application test scope and processes. You will learn about information gathering techniques to find information about web applications in the initial phase. Then you will learn the most important attacks on web applications such as SQL injection, command injection, XSS attacks, CSRF attacks, DOS attacks, buffer overflow attacks, and more . Finally, the course will also cover techniques to defend web applications from various types of attack.