June 2017
Intermediate to advanced
338 pages
8h 28m
English
The most widely accepted reference in web pen testing is the OWASP Testing Guide, also known as the OTG, Version 4 (https://www.owasp.org/index.php/OWASP_Testing_Project). OWASP has led the field for many years due to heavy participation from the community and its stellar reputation for anticipating trends and teaching the community to test against them. OWASP's influence is a major driver in presentations at conferences such as those run by SANS, Black Hat, and DevCon, and its top 10 web security threats are a must-read for any of us.
The OTG, much like the NIST guidance, provides some tips and pointers for incorporating testing in appropriate phases. OWASP maintains the OTG more regularly than the other full-coverage frameworks ...