Foundstone Ultimate Hacking: Web Training
| Foundstone Ultimate Hacking: Web Training: |
|
Related Courses:
|
|
What You'll Learn
- Strategic, tactical, and operational countermeasures to prevent hackers from exploiting
web-based applications
- Security considerations unique to secure web applications
- Thorough knowledge of popular web application and infrastructure vulnerabilities including
SQL injection, cross site scripting, authentication/authorization issues, and session management weaknesses
- Configuration and usage of web security tools including Nikto, Paros, Fiddler, Brutus, OpenSSL,
and SSLDigger
Course Outline:
Day 1: Web Technology and Testing Tools
- Introduction and Example Attacks
- Preparation and Planning
- HTTP Overview
- ---HTTP Methods
- ---HTTP Headers
- ---Cookies
- ---Referer
- ---User Agent
- ---Using MITM Proxies (Fiddler, Paros)
- ---HTTP Authentication
- ---Basic
- ---Digest
- ---Forms
- ---HTTP Response Codes
- Profiling the Environment
- ---Profiling Web Server Types
- ---Profiling Application Technology including Cookies, Extensions, URL Patterns, and Comments
- ---Known Vulnerabilities
- ---SSL
- ---Site Mapping
- ---Spidering and Mirroring Sites with Wget, SpiderZilla, Paros (manual)
- ---Client-Side Information Leakage
Day 2: Common Application Weaknesses
- Parameter Manipulation
- Cross-Site Scripting
- ---Reflected XSS
- ---Stored XSS
- ---Attacking Intranets from Outside
- ---XSS Exploitation Frameworks
- Data Validation
- ---Ineffective Methods
- ---Input Validation
- ---Output Encoding
- ---Trust Boundaries
- ---Data Encoding
- ---XSS Specific Validation
- SQL Injection
- ---Basic Injection
- ---Union Queries
- ---Blind Injection
- ---SQL Injection Tools
- ---Other Enumeration Techniques
- ---Stored Procedures
- ---SQL-Specific Data Validation
- Other Browser Attacks
- ---URL Redirection
- ---HTTP Header Injection
- ---HTTP Response Splitting
- ---Browser Exploits
Day 3: Less Notorious Application Weaknesses
- Information Disclosure
- ---Page Caching
- ---Autocomplete
- ---Cookie Leakage
- ---Error Messages
- Authentication
- ---Authentication vs. Identification
- ---Authentication Mechanisms
- ---Best Practices
- User Management
- ---Broken User Management
- ---User Management Fundamentals
- ---Information Leakage through Password Reminder Schemes, etc.
- ---Password Storage
- ---Brute Force Attacks
- ---Account Lockout
- ---Reverse Brute Force Attacks
- Session Management
- ---Session Management Recap
- ---Weak Session Identifiers
- ---Analyzing Session Tokens
- ---Sessions Maintained on Client Side
- Cross-Site Request Forgery
- Other Injection Attacks
- ---LDAP Injection
- ---XPATH Injection
- ---XML Injection
- ---Directory Traversal
- ---Command Injection
Day 4: Authorization, Non-Browser Clients, and Automated Scanners
- Authorization
- ---Authorization Models
- ---What Happens When It Goes Wrong
- ---Privilege Escalation
- ---Horizontal
- ---Vertical
- ---Bad Authorization Design and Implementation
- Other Clients
- ---Rich Web Clients
- ---AJAX
- ---JSON
- ---Java/Flash/Silverlight/Flex
- ---Thick Clients
- ---SOAP
- ---Intercepting Communications
- ---Common Patterns and Anti-Patterns
- ---Mobile Devices
- ---WAP
- ---Intercepting Communications
- Automated Web Application Vulnerability Scanning
- ---Full-Featured
- ---Point Scanners/Manual Assistants
- ---Strengths and Weaknesses
- Wrap-Up/Methodology
- ---Web App Testing Methodology Development
|
| |
|
For organizational purchases, please send us a message at  salesinfo@eno.com or complete and submit this form.
|
| |
|
Request A Quote
Convert your currency
RSS Feed
Facebook
LinkIn
Twitter
You Tube
