30 Days of Security Testing Days 1-8 Blog Posts


(Heather) #1

The folks from WeTest are doing 30 Days of Security Testing for October and November. @ceedubsnz has been blogging his way through the security testing challenges :tada: Blogs 1 - 8 are below:

Day 1: Read a security blog

Day 2: Select and read a book related to security testing

Book recommendation from Mike: Ghost in the Wires by Kevin Mitnick.

Day 3: Use a security tool - examples: ZAP or Burpsuite

Day 4: Learn anything about vulnerability scanning

Day 5: Learn about threat modelling (i.e. like the stride model)

Day 6: Explore these sites: Google Gruyere; Hackyourself first; Ticket Magpie; The Bodgeit store

Day 7: Learn one or more things about penetration testing

Day 8: Use a proxy tool to observe web traffic in a web or mobile application


(Mike) #2

Thanks for the mention! The 30 Days of Security Challenge has been really well received, thanks for building such an awesome resource!
Awkward timing with the API testing challenge coming out at the same time but I hope to give that a go sometime next year