Web Application Penetration Testing, or webapp pentesting, to put it simply is poking at the code behind a web site to see if there are any holes. If there are, how far down the rabbit hole can we go? We say pentesting instead of just hacking, because there’s not only a methodology (or a repeatable process) behind it, but we must also have permission to do the poking. In the end, we must also report our findings to our bosses or clients and most importantly recommend fixes. But we often talk about the catch 22 of not having experience to get a job like this, and, if you can’t get a job, how do I gain the experience? And with millions of high paying jobs in this field going unfilled because of a lack of skilled candidates, there’s becoming a huge appetite to learn the basics. And since most are either just out of college or even trying to switch careers, creating that technical foundation for little to no money down is the desire of many. We share many tools and even some career advice to become either a pentester or a bug bounty hunter in this FREE EH-Net Live! webinar that was presented on Thurs Dec 19, 2019.