Learning Path

Introduction to Web Application Security Testing with Kali Linux

Instructor Courtney Allen
Time to complete: 1h 37m

Published by O'Reilly Media, Inc.

Created February 2018

What is this learning path about, and why is it important?

One of the primary attack surfaces that hackers look to exploit when trying to gain access to a company’s digital assets is the one that is right there at the proverbial “front door”: the web applications. Today, nearly every company—from small to global scale, and spanning every industry—uses web applications, especially for interacting with their customers. And, for a new generation of web-savvy consumers, a company’s website is often the only way many customers now transact business, including browsing products, purchasing products, paying bills, making appointments or reservations, and so many other things, so not having a web presence is no longer an option. Unfortunately, these web applications can provide entry points to the internals of the business, making it possible for bad actors to steal or corrupt data.

In this learning path, your host, IT security specialist Ric Messier, introduces you to open source tools that you can use to help identify security vulnerabilities within your web applications. More than ever, web application security testing is essential for businesses to help protect against intrusions. This has led to an increasing demand for accomplished and knowledgeable testers. If you are an entry- to intermediate-level developer or security engineer who wants to learn how to spot and plug the holes in your web applications' security, let Ric get you started on this very important journey.

What you’ll learn—and how you can apply it

  • How to identify web-based vulnerabilities and how to remediate them
  • How to identify misconfigurations and how to correct the configuration
  • How to use web browser plug-ins to gather information about web applications to identify potential vulnerabilities

This learning path is for you because…

  • You want to learn how to identify and remediate problems within web applications to bolster your value to your organization
  • You have an interest in information security and want to gain additional information about vulnerabilities and remediations
  • You are a web application developer and want to understand how and where your work potentially exposes your company to risks of attack so that you can improve your applications


  • You should have a basic knowledge of operating systems
  • You should be aware of the fundamentals of security testing

Materials or downloads needed in advance

  • Kali Linux