Related Posts
Additional Posts in Cyber Security Professionals
Hi Everyone,
Need your suggestions please
I come from a cyber strategy background with very little technical experience.
I want to make a shift towards Devsecops,
Could anyone please suggest what is the best way to build the needed skills /do projects online for the relevant experience?,
Thanks,thanks a lot in advance,!
Deloitte DEVOPS
Infosys
New to Fishbowl?
unlock all discussions on Fishbowl.




If you want to dive into web application testing, portswigger's web academy is by far the best resource. Its free. Both theoretical and practical. You get to practice what you learn by means of labs (ranging from beginner level to advanced).
Also, OWASP web application testing guide is another great resource in my opinion.
Thank you for the information!!
i am not sure about sast but for dast try hack me web app pentesting path is a good idea. In youtube channel's live overflow, david bombal, john hammond are good resources. But you will have to filter relevant content as they make video regarding multiple topics. Practice port swigger exercises and you can read the owasp web testing guide 4.0 for test cases. This will be helpful for interviews in other comapnies later too. For SAST first try to understand the defects like xss etc in then look at code snippets. Also reading the tool recommendation before looking at the code helps clear my mind. I think pentesterlab as code review related exercises. You can also try xss rat bug bounty course for dast/web app pentest.
Thank you for the info