Hi fishes,

Can anyone help me with some online resources for learning SAST, DAST and web pentesting. Any YouTube playlists or other resources or courses which could actually explain concepts practically.

TIA.

like
Posting as :
works at
You are currently posting as works at

If you want to dive into web application testing, portswigger's web academy is by far the best resource. Its free. Both theoretical and practical. You get to practice what you learn by means of labs (ranging from beginner level to advanced).

Also, OWASP web application testing guide is another great resource in my opinion.

like

Thank you for the information!!

i am not sure about sast but for dast try hack me web app pentesting path is a good idea. In youtube channel's live overflow, david bombal, john hammond are good resources. But you will have to filter relevant content as they make video regarding multiple topics. Practice port swigger exercises and you can read the owasp web testing guide 4.0 for test cases. This will be helpful for interviews in other comapnies later too. For SAST first try to understand the defects like xss etc in then look at code snippets. Also reading the tool recommendation before looking at the code helps clear my mind. I think pentesterlab as code review related exercises. You can also try xss rat bug bounty course for dast/web app pentest.

like

Thank you for the info

Related Posts

Hi capgemini folks,
I have joined capgemini recently and till now can't find accommodation as per my requirement in Airoli. So can i stay at Capgemini's guest house for a few months? Anyone knows anything about that?

like

In case anyone is looking to get into product management, I came across this image which shows some books you could read to get into the role.

P.S: I saw this on Linkedin posted by Dr Milan Milanovic. So all credits to him!

Post Photo
likehelpfulsmart

If you were to vote today, who would you vote for in 2020? I know it’s far away and all that. I just want to get an impression of people here’s feelings

Have an interview coming up with Amex for project management roles. Recruiter said they are considering me for multiple open roles? Can anyone give me some insight into this? There’s a behavioral and American Express technical interview

like
like

Hi All, How many days do I need to wait to receive offer letter from @ Wells Fargo. I have submitted all required documents. How can I know the status?

like

Who is looking for ADs? New York, Chicago or LA

startup Gig Alert: I am looking for a brand designer to join our startup team at Lifelines (truly a startup and we’re not in stores yet). We’re a product company set for revolutionizing how people approach sensorial wellness and I’m looking for someone with holistic experience in branding / art direction with a clear, bold visual style. Around 5 years of experience preferred. But work and personality trump years in experience. Always remote+unlimited PTO. Send me books / portfolios.

like

Does anyone use the Garmin Venu for running? Would you recommend?

like

What are some of the best countries to work in as a research scientist?

like

Which of the two contributes more revenue YOY then the other? New Clients or Existing Customers?

like

So all the anti-covid folks are pretty quiet now that we have seen a steep incline of cases in states that reopened early (Florida, Texas, Georgia) 🤔

like

Any referrals at EY in GPS?

Literally all of my LinkedIn connections are recruiters lmao

likefunny

Has anyone actually gone through with accepting an offer from the Siegfried Group? I hear from a recruiter representing them probably once a week. How is it?

like

Anyone here can share experience with dating/relationships and weight-gain? I am not obese, but definitely overweight. I lead a relatively healthy life but know I can do more. However, I find that my weight keeps me from socializing, meeting new people and dating. How can I improve my self-esteem?

like

I am in Canada, Band 8 in IBM consulting and received an offer for Senior Manager in Deloitte Advisory at 145K base plus 10k signon. How do you rate this offer?

like

Hi all. I have applied for Oracle PL/SQL job opening at BOFA. How many rounds of interview will happen and what are they? And my YOE : 6.6 my current CTC is 14.68LPA. How much should be my expected CTC?

like

At what point during the day do you stop drinking coffee/caffeine?

Want to give myself a hard cut off. Have been having issues with sleep since starting adhd meds…

like

Planning to take the CIPP and CIPM. Will be doing self-study. What is the “book” everyone refers to for studying? Is it just the “study guide” the IAPP sells? Does anyone know if the study guides and sample questions you can buy on amazon are sufficient to use for passing? Appreciate any and all advice.

like

Additional Posts in Cyber Security Professionals

Hello,
I am about to finish my notice period working as a SOC L1, yeo 2 please help me with how much I should ask for salary in next company, ctc 4.26 total year of exp 4

like
like

What’s the expected ctc for security analyst role with 6years of experience ?

like

Hi, all looking for a job change with good package.

I am 6 years experienced. A cyber security and information security professional with skill sets in, Vulnerability assessment and management, endpoint security, SAST, DAST, DevSecOps (1.5 years), AWS and Azure, ISO 27001 internal audits and OSINT.

Let me know if anyone can refer me.

Does anyone has interview preparation material?

I have total 4.5 years of experience in pentesting
Certs: CEH, OSCP and CRTP

What should be my expected CTC? My current is 12.5L

like

Any contact of HRs/recruitment agencies that does hiring of security professionals in UAE? TIA

like

Hi guys
Has anyone attended
Nike for penetration testing role?
Need your inputs on something

Nike

like

Sharks Plz suggest which to go for better growth and experience.
KPMG In. vs Aujus vs Paytm vs Upstox vs Eaton vs LRN vs Honeywell

Cyber Security and 1yr experience

like

Hello Folks,
Is it advisable for a person working in networking domain (YOE - 7.5) to move to information security?

like

How much time do u need to prepare for ccsk?

Hi All
Which platform is best to connect with Palo Cortex XSOAR professionals in India

Hey fishes,

I am working as a cloud engineer (managing enterprise cloud for the organisation), some common things I am working on right now are, setting up cloud governance framework, implementing guardrails, enforcing policy etc. I want to switch into cybersecurity expert (specially for cloud) can anyone guide me though the path, the dos and don’ts etc.

Thanks in advance 😀

like
like

Hi guys,
Would be great if I could get your suggestions on this.
I am currently having around 3yrs of exp in banking field but planning to switch my career to cyber security and in process of doing cpt and ceh certification, so will that be good enough to get into a job or is there something else I should be doing??

Thankyou!!

Sys admin (security) role in Zoho- chennai (hometown) with 6.5lpa
Or Information security executive role in Asian paints (9lpa)- Mumbai.
Which one should I choose. Please suggest your opinions.

like

Which company would be great to join as SAP Security and GRC consultant?
Capgemini or Protiviti
Money is an important but not the driving factor, its only about learning and try risk advisory.
YOE: 7 years

like

What is the market range for a professional having 15+ yrs of experience into infosec? Location would be Bangalore.

What type of client mostly Aujas Cyber security have in VAPT?? How much percentage appraisal will happen there ? Aujas

like

New to Fishbowl?

Download the Fishbowl app to
unlock all discussions on Fishbowl.
That was just a preview…
Sign Up to see all discussions
  • Discover what it’s like to work at companies from real professionals
  • Get candid advice from people in your field in a safe space
  • Chat and network with other professionals in your field
Sign up in seconds to unlock all discussions on Fishbowl.

Already a user?
Login here

Share

Embed this post

Copy and paste embed code on your site

Preview

Download the
Fishbowl app

See what’s happening in your industry
from the palm of your hand.

A phone with Fishbowl app

Scan your QR code to download
Fishbowl app on your mobile

Download app

Sign up for free to view this conversation on Fishbowl

By continuing you agree to Terms of Use and Privacy Policy

Already have an account? Log in

Sign up for free to continue using Fishbowl

By continuing you agree to Terms of Use(New) and Privacy Policy(New)
Messaging rates may apply

Already have an account? Log in

For account settings, visit Fishbowl on Desktop Browser or

General

Legal