Stagiaire_ZAP - Description de l'offre
The OWASP Zed Attack Proxy (ZAP) is an integrated penetration testing tool for finding vulnerabilities in web applications.
It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.
ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.
Under direct supervision, the intern will fulfil the following tasks
- 1. Implementation
- Plugins installation (if needed)
- 2. Exploitation
- Pentest by performing different types of predefined attacks (Brute force, Fuzzing, Port scanning etc.…)
- Analyze the results of performed attacks and the reports in order to identify the exploited vulnerabilities
- Give recommendations and best practices to secure the scanned applications
- Write documentation and guides in English
- 3. Automating
- Adding automated Penetration Testing to Continuous Integration pipelines by integrating OWASP ZAP plugin with Jenkins
- Education Background : Bac+3 or more
- Vulnerability and Malware Analysis(threat and attack analysis)
- Secure code development
- Unix/Linux Operating System
- Apache server application and other web development tools (PHP, Mysql…)
- Knowledge of information system security technologies, risks and mitigations, i.e. system hardening, risks analysis
- Application security
- Willing spirit to learn and take on new tasks
- Ability to work well with others and listen to direction
- Good English written communication skills
Pour postuler, rendez-vous UNIQUEMENT sur http://recrut.advanstunisie.com
Il vous sera demandé de télécharger votre CV et de remplir un dossier de candidature.