Web App Tooling Burp Suite OWASP ZAP sqlmap and WPScan – PenTest+ PT0-003

Posted By on April 27, 2026

🎯 Free Hub: https://professorerica.com/pentestplus • 📝 Practice Test: https://professorerica.com/pentestplus-practice – Web application testing closes out Domain 4 of PT0-003. This video covers the four tools the exam names specifically: Burp Suite (Proxy, Repeater, Intruder, Scanner), OWASP ZAP as the free alternative with CI/CD pipeline strengths, sqlmap for automated SQL injection detection and exploitation (–level, –risk, –dbs, –dump, –os-shell), and WPScan for WordPress plugin, theme, and user vulnerability enumeration. The Equifax 2017 breach provides the real-world stakes throughout. Watch the next video for Domain 5: Post-Exploitation and Lateral Movement.

▶ Watch next: Denial of Service and Service Exploitation Buffer Overflows to RCE – PenTest+ PT0-003
https://www.youtube.com/watch?v=0R2HYub4PbY

📺 Full playlist: CompTIA PenTest+ PT0-003 (2026)
https://www.youtube.com/playlist?list=PLlIAFxS296484tnV2UdXls2eqk2Zokn0D

Chapters:
0: 00 Web App Tooling: The Final Domain Four Toolkit
3: 08 Burp Suite: Proxy, Repeater, and Intruder
5: 27 Burp Suite Scanner and Active Testing Workflows
7: 26 OWASP ZAP: Free Scanner and Automation Framework
9: 49 sqlmap: Automated SQL Injection Detection and Exploitation
12: 01 WPScan: WordPress Vulnerability Assessment
14: 45 Quiz Time

#PenTestPlus #BurpSuite #cybersecurity

Disclosure

The avatars and voices in this video are AI-generated. All content — research, scripts, lesson design, and the custom video engine — is created by a CISSP, CISM, and PMP certified professional with a Master’s in Project Management, a B.S. in Information Technology, and a Doctorate in Business Administration in progress.

This channel exists to make learning accessible and straightforward.

CompTIA® and PenTest+® are registered trademarks of CompTIA, Inc. This channel is not affiliated with, endorsed by, or sponsored by CompTIA. All content is produced independently for educational purposes only. All penetration testing techniques shown are for authorized, legal use only — obtain written permission before testing any system you do not own. For official exam objectives, pricing, and policies visit comptia.org.