Related Posts
I have a weird experience with KPMG India . Two weeks ago I had salary negotiation with the HR manager. He told me that the offer will be released in a couple of days but I haven't received the offer letter yet.I tried reaching out to the HR manager but didn't receive any response. Shall I take it as no?
Additional Posts in Cyber Security Professionals
What's the level/designation and min salary at product based company with 17 YoE , last 10 yr in security consulting, design and architecture reviews for product. Looking for cloud security Palo Alto Networks Aujas Cybersecurity Google Cloud Azure Group Amazon Web Services Microsoft CrowdStrike Sentinel Labs Inc
Age, gender, tech stack, yoe, ctc, company name
New to Fishbowl?
unlock all discussions on Fishbowl.
If you want to dive into web application testing, portswigger's web academy is by far the best resource. Its free. Both theoretical and practical. You get to practice what you learn by means of labs (ranging from beginner level to advanced).
Also, OWASP web application testing guide is another great resource in my opinion.
Thank you for the information!!
i am not sure about sast but for dast try hack me web app pentesting path is a good idea. In youtube channel's live overflow, david bombal, john hammond are good resources. But you will have to filter relevant content as they make video regarding multiple topics. Practice port swigger exercises and you can read the owasp web testing guide 4.0 for test cases. This will be helpful for interviews in other comapnies later too. For SAST first try to understand the defects like xss etc in then look at code snippets. Also reading the tool recommendation before looking at the code helps clear my mind. I think pentesterlab as code review related exercises. You can also try xss rat bug bounty course for dast/web app pentest.
Thank you for the info