OWASP Top 10: A03:2021-Injection

Skillsoft issued completion badges are earned based on viewing the percentage required or receiving a passing score when assessment is required. Many web applications accept input from either external data sources or app users. In this course, learn about the types of injection attacks and how malicious users submit malicious code or commands to a web app for execution by the web server stack. Next, practice testing a web app for injection vulnerabilities using the OWASP ZAP tool, setting low security for a vulnerable web app tool, and executing injection attacks against a web app. Finally, discover how to mitigate injection attacks using input validation and input sanitization. Upon completion, you'll be able to identify and mitigate web app injection attacks.