Close
Training
CMD+CTRL Base Camp
Courses
Overview
Features
Learning Paths
Course Catalog
Customer Success
Try it
Labs
Cyber Range
Overview
Environments & Modes
Reporting
Customer Success
Get Started
✓ Take the AppSec Challenge
Services
Overview
Software Penetration Testing
Pen testing Overview
IoT Pen Testing
Mobile Pen Testing
Cloud & Web Penetration Testing
Blockchain Pen Testing
Our Difference
Application Security Consulting
Secure SDLC (SSDLC) Consulting
Application Security Code Review
Architecture & Design Review
Medical Device Threat Modeling
Infrastructure Security Consulting
Attack Simulation
Cloud Security Configuration
Security Tabletop Consulting
Solutions
Cloud & Web
Mobile
IoT & Embedded
Blockchain
Resources
Guides & Case Studies
Webinars
About Us
Company Overview
20 Years of Innovation
Partners
Community
Clients
Leadership
Careers
News & Events
Contact
Let’s Talk
Ed TALKS
We’re Hiring
Blog
Course Catalog
Ed TALKS
We’re Hiring
Blog
Course Catalog
Training
CMD+CTRL Base Camp
Courses
Overview
Features
Learning Paths
Course Catalog
Customer Success
Try it
Labs
Cyber Range
Overview
Environments & Modes
Reporting
Customer Success
Get Started
✓ Take the AppSec Challenge
Services
Overview
Software Penetration Testing
Pen testing Overview
IoT Pen Testing
Mobile Pen Testing
Cloud & Web Penetration Testing
Blockchain Pen Testing
Our Difference
Application Security Consulting
Secure SDLC (SSDLC) Consulting
Application Security Code Review
Architecture & Design Review
Medical Device Threat Modeling
Infrastructure Security Consulting
Attack Simulation
Cloud Security Configuration
Security Tabletop Consulting
Solutions
Cloud & Web
Mobile
IoT & Embedded
Blockchain
Resources
Guides & Case Studies
Webinars
About Us
Company Overview
20 Years of Innovation
Partners
Community
Clients
Leadership
Careers
News & Events
Contact
Let’s Talk
Course Catalog
/
Subject
/
owasp-asvs
owasp-asvs
The Courses
View All Courses
Download Course Catalog
LAB 324 ATT&CK: Exploiting Java Web Application Server Misconfiguration (NEW)
12 Minutes
Elite
LAB 323 ATT&CK: Exploiting Vulnerable Java Web Application Server Software (NEW)
12 Minutes
Elite
LAB 315 ATT&CK: Updating Vulnerable Java Web Application Server Software (NEW)
12 Minutes
Elite
LAB 244 Defending Java Against Security Misconfiguration (NEW)
12 Minutes
Advanced
LAB 242 Defending Node.js Against eXternal XML Entity (XXE) Vulnerabilities (NEW)
10 Minutes
Advanced
LAB 241 Defending C# Against eXternal XML Entity (XXE) Vulnerabilities (NEW)
10 Minutes
Advanced
LAB 240 Defending Java Against eXternal XML Entity (XXE) Vulnerabilities (NEW)
10 Minutes
Advanced
LAB 223 Defending Node.js Against SQL Injection (NEW)
10 Minutes
Advanced
LAB 222 Defending Python Against SQL Injection (NEW)
10 Minutes
Advanced
LAB 221 Defending C# Against SQL Injection (NEW)
10 Minutes
Advanced
LAB 113 Identifying Cryptographic Failures (NEW)
5 Minutes
Advanced
LAB 330 ATT&CK: Exploiting Java SQL Injection to Extract Password Hashes (NEW)
15 Minutes
Elite
LAB 322 ATT&CK: Exploiting Windows File Sharing Server with External Remote Services (NEW)
20 Minutes
Elite
LAB 321 ATT&CK: Password Cracking (NEW)
5 Minutes
Elite
LAB 237 Defending Java from SQL Injection (NEW)
20 Minutes
Advanced
LAB 233 Defending Node.js Against XSS (NEW)
15 Minutes
Advanced
LAB 232 Defending C# Against XSS (NEW)
15 Minutes
Advanced
LAB 231 Defending Python Against XSS (NEW)
15 Minutes
Advanced
LAB 230 Defending Java Against XSS (NEW)
15 Minutes
Advanced
LAB 220 Defending Against Hard-Coded Secrets (NEW)
5 Minutes
Advanced
LAB 120 Identifying XML Injection (NEW)
5 Minutes
Core
LAB 119 Identifying Persistent XSS (NEW)
5 Minutes
Advanced
LAB 118 Identifying Weak File Upload Validation (NEW)
5 Minutes
Advanced
LAB 117 Identifying Hidden Form Field (NEW)
5 Minutes
Advanced
LAB 116 Identifying Forceful Browsing (NEW)
5 Minutes
Advanced
LAB 115 Identifying Reflective XSS (NEW)
5 Minutes
Advanced
LAB 114 Identifying Cookie Tampering (NEW)
5 Minutes
Advanced
LAB 110 – Identifying Sensitive Data Exposure Vulnerability Identification
7 Minutes
Advanced
LAB 109 – Identifying Security Misconfiguration Vulnerabilities
5 Minutes
Advanced
LAB 108 – Identifying Reverse Engineering Vulnerabilities
8 Minutes
Advanced
LAB 107 – Identifying Injection Vulnerabilities
7 Minutes
Advanced
LAB 106 – Identifying Cross-Site Scripting Vulnerabilities
7 Minutes
Advanced
LAB 105 – Identifying Credential Dumping: Vulnerability Identification
7 Minutes
Advanced
LAB 103 – Identifying Broken User Authentication Vulnerabilities
7 Minutes
Advanced
LAB 102 – Identifying Broken Object-Level Authorization Vulnerabilities
5 Minutes
Advanced
LAB 101 – Identifying Broken Access Control Vulnerabilities
5 Minutes
Advanced
SDT 325 – Testing for NULL Pointer Dereference
10 Minutes
Elite
SDT 324 – Testing for Improper Restriction of Operations within the Bounds of a Memory Buffer
10 Minutes
Elite
SDT 323 – Testing for Improper Input Validation
10 Minutes
Elite
SDT 322 – Testing for Improper Privilege Management
10 Minutes
Elite
SDT 321 – Testing for Uncontrolled Resource Consumption
10 Minutes
Elite
SDT 320 – Testing for Out-of-bounds Write
10 Minutes
Elite
SDT 319 – Testing for Out-of-bounds Read
10 Minutes
Elite
SDT 318 – Testing for Insufficiently Protected Credentials
10 Minutes
Elite
SDT 317 – Testing for Improper Control of Generation of Code
10 Minutes
Elite
SDT 326 – Testing for Use After Free
10 Minutes
Elite
TST 206 – ASVS Requirements for Developers
20 Minutes
Advanced