Prerequisite: SDEV 425. A hands-on study of exploits, attacks, and techniques used to penetrate application security defenses and strategies for mitigating such attacks. The objective is to apply appropriate methodologies for software penetration testing to identify application weaknesses and logic flaws and to test and create scripts for exploitation and discovery. Topics include web architecture, application infrastructure, reconnaissance, discovery, mapping, and exploitation.
After completing this course, you should be able to:
- Select, configure, and use a comprehensive set of software penetration tools and frameworks to ethically evaluate and mitigate software vulnerabilities in mobile, web, and desktop applications
- Establish test processes, evaluate results, and analyze code and application architecture to discover and mitigate software vulnerabilities in mobile, web, and desktop applications
- Identify, evaluate, prioritize, and ethically report software vulnerabilities and mitigation strategies