Security testing training end to end
Hi All Can someone help me with the in detailed training video of Security testing using ReadyAPI , I have gone through the articles but I couldnt find it helpful
Forum Discussion
Hey Jainsoumya,
As no one else has come back on this, if you provide the links to the videos and i'll give em a watch and then maybr i can help
Cheers,
Rich.
As no one else has come back on this, if you provide the links to the videos and i'll give em a watch and then maybr i can help
Cheers,
Rich.
Hi richie
Thank you so much for the help
The video I found was of API security testing https://www.youtube.com/watch?v=w3vLUVeVT6o
I am looking for Web application security testing training video
Hey Jainsoumya
ok - I've watched the video - it's a quick presentation to give you the general principles of the vulnerability testing youre able to do in ReadyAPI.
Are you just trying to learn more about this sort of vulnerability testing or do you have specific questions?
Unless you actually put it into practice it wont mean much to you - do you actually need to do some vulnerability testing or are you just trying to learn for when you might have to?
If I wanted to learn this stuff from ReadyAPIs perspective I think the first thing I would do is to have a look at all the different scan types available - e.g. fuzzy matching, cross site scripting, SQL/JavaScript injection, etc., etc. and learn what each of these scans are actually checking for and why. Once you actually know what each of them do - you can then consider your testcases/teststeps in your functional tests and decide which scan types are appropriate to your tests. i.e. as the video indicates - ReadyAPI reuses the functional tests as the basis for the content of vulnerability scans - so say you have json payloads in your functional tests then you wouldnt have any malformed XML scans in your vulnerability tests.
So - you need to know what each of the scans do to determine if theyre going to be required.
Does that help at all?
cheers,
Rich
