Forum Discussion
As no one else has come back on this, if you provide the links to the videos and i'll give em a watch and then maybr i can help
Cheers,
Rich.
- Jainsoumya3 years agoContributor
Hi richie
Thank you so much for the help
The video I found was of API security testing https://www.youtube.com/watch?v=w3vLUVeVT6o
I am looking for Web application security testing training video
- richie3 years agoCommunity Hero
Hey Jainsoumya
ok - I've watched the video - it's a quick presentation to give you the general principles of the vulnerability testing youre able to do in ReadyAPI.
Are you just trying to learn more about this sort of vulnerability testing or do you have specific questions?
Unless you actually put it into practice it wont mean much to you - do you actually need to do some vulnerability testing or are you just trying to learn for when you might have to?
If I wanted to learn this stuff from ReadyAPIs perspective I think the first thing I would do is to have a look at all the different scan types available - e.g. fuzzy matching, cross site scripting, SQL/JavaScript injection, etc., etc. and learn what each of these scans are actually checking for and why. Once you actually know what each of them do - you can then consider your testcases/teststeps in your functional tests and decide which scan types are appropriate to your tests. i.e. as the video indicates - ReadyAPI reuses the functional tests as the basis for the content of vulnerability scans - so say you have json payloads in your functional tests then you wouldnt have any malformed XML scans in your vulnerability tests.
So - you need to know what each of the scans do to determine if theyre going to be required.
Does that help at all?
cheers,
Rich
Related Content
- 3 years ago
- 3 years ago
- 5 years ago
- 5 years ago
Recent Discussions
- 7 days ago