Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Pluralsight

Web Application Penetration Testing: Business Logic Testing

via Pluralsight

Overview

Business logic flaws are context specific and very hard for automated tools to discover. This course will teach you how to identify and exploit business logic vulnerabilities.

Web Applications are sometimes designed based on flawed assumptions about how business logic should work, using the application in unintended ways may result in outstanding security vulnerabilities with a critical business impact . In this course, Web Application Penetration Testing: Business Logic Testing, you’ll learn to assess business logic flaws in modern web applications. First, you’ll explore scoping, and how to get the relevant business logic context of the application. Next, you’ll discover how to exploit business logic flaws based on the OWASP WSTG. Finally, you’ll learn how to identify and advise on bad design practices. When you’re finished with this course, you’ll have the skills and knowledge of business logic testing needed to assess the security of web applications.

Syllabus

  • Course Overview 1min
  • Defining Business Logic Testing 16mins
  • Exploiting Weak Data Validation 16mins
  • Attacking Business Workflows 10mins
  • Testing File Upload Mechanisms 19mins

Taught by

Cristian Pascariu

Reviews

Start your review of Web Application Penetration Testing: Business Logic Testing

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.