Presentation:

The OWASP Zed Attack Proxy (ZAP) is an integrated penetration testing tool for finding vulnerabilities in web applications.

It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.

ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.

S’abonner à notre NEWSLETTER Recevoir tous les offres d'emploi ✅ Regarder la chaine à Recruter.TV

Mission:

Under direct supervision, the intern will fulfil the following tasks

1. 1.      Implementation

• Installation
• Configuration
• Plugins installation (if needed)

1. 2.      Exploitation

• Pentest by performing different types of predefined attacks (Brute force, Fuzzing, Port scanning etc.…)
• Analyze the results of performed attacks and the reports in order to identify the exploited vulnerabilities
• Give recommendations and best practices to secure the scanned applications
• Write documentation  and guides in English

1. 3.      Automating

• Adding automated Penetration Testing to Continuous Integration pipelines by integrating OWASP ZAP plugin with Jenkins

Required Skills:

• Education Background : Bac+3 or more
• Vulnerability and Malware Analysis(threat and attack analysis)
• Secure code development
• Unix/Linux Operating System
• Apache server application and other web development tools (PHP, Mysql…)
• Knowledge of information system security technologies, risks and mitigations, i.e. system hardening, risks analysis
• Application security
• Willing spirit to learn and take on new tasks
• Ability to work well with others and listen to direction
• Good English written communication skills

Pour postuler, rendez-vous UNIQUEMENT  

Il vous sera demandé de télécharger votre CV et de remplir un dossier de candidature.