WAPT in pills: Self-paced, online, flexible access interactive slides. 4+ hours of video materials
- Andrew Campbell
- 6 years ago
The most practical and comprehensive training course on Web App Penetration Testing

WAPT in pills:
- Self-paced, online, flexible access
- Interactive slides
- 4+ hours of video materials
- Learn the most advanced Web Application Attacks
- Integrated with Coliseum Lab
- 24 Educational Coliseum labs
- 16 real world web applications to pentest in Coliseum Lab
- Learn the newest HTML5 Attacks
- Dedicated BeEF Manual
- Leads to the 100% practical eWPT certification
- Prepares for a real world Web App Penetration Testing job

eLearnSecurity has been chosen by students in 113 countries in the world and by leading organizations such as:
The Web Application Penetration Testing course (WAPT) is the online, self-paced training course that provides all the necessary advanced skills to carry out a thorough and professional penetration test against modern web applications.

Thanks to the extensive use of Coliseum Lab and the coverage of the latest research in the web application security field, the WAPT course is not only the most practical training course on the subject but also the most up to date.

The course, although based on the offensive approach, contains, for each chapter, advice and best practices to solve the security issues detected during the penetration test.

The WAPT training course benefits the career of penetration testers and of IT security personnel in charge of defending their organization's web applications. This course allows organizations of all sizes to assess and mitigate the risk to which their web applications are exposed, by building strong, practical in-house skills. Penetration testing companies can train their teams with a comprehensive and practical training course without having to deploy internal labs, which are often outdated and not backed by solid theoretical material.

Students wishing to enroll in the course must possess a solid understanding of web applications and web application security models. No programming skills are required; however, snippets of JavaScript/HTML/PHP code will be used during the course.

The WAPT course leads to the eWPT certification. The certification can be obtained by successfully completing the requirements of a 100% practical exam consisting of a penetration test of a real world complex web application hosted in our eLearnSecurity Hera labs. An eWPT voucher is included in all the plans of the WAPT course.
The WAPT course is integrated with Coliseum Lab: the most advanced virtual lab on web application security available today, with sandboxed vulnerable web applications run on-the-fly within the eLearnSecurity cloud infrastructure. Only a web browser and an internet connection are required to access the lab. Each sandbox is exclusive and dedicated to the student. The student can start, stop and reset each scenario at any time.

The WAPT course comes with 40 different labs of two different types:

Educational labs
These are guided scenarios with small tasks to be performed in order to understand in practice what has been studied in theory. These labs contain step by step instructions in PDF manuals. Educational labs are available in all the modules of the WAPT course. There are 24 different educational labs available in WAPT.

Penetration testing labs
The Penetration testing labs are included in the Coliseum WAPT package (formerly WAS360), featuring 16 different website scenarios modeled after real world websites that the student will encounter during their career. The student will perform penetration tests against these increasingly difficult scenarios to self-assess and practice the testing skills acquired during the training course. By successfully completing all the labs in this package the student will have acquired enough experience to attempt the certification exam. There are 16 different penetration testing labs available in WAPT.

The number of labs available for this training course increases over time as new updates are available and as new scenarios are added on the platform. Please refer to the course home page for an up to date list of labs.
The student is provided with a suggested learning path to ensure the maximum success rate with the minimum effort.

- Module 1: Introduction (Web Application Essentials)
- Module 2: Penetration Testing Process
- Module 3: Information Gathering
- Module 4: Cross Site Scripting
- Module 5: SQL Injection
- Module 6: Session Security and Attacks
- Module 7: Flash Security
- Module 8: Authentication
- Module 9: HTML5 and New Frontiers
- Module 10: Common Vulnerabilities
- Module 11: Web Services
- Module 12: XPath Injection
- Module 13: VA & Exploitation Tools

All modules come in slides + video format. Modules can be accessed from within the eLearnSecurity Members area. Labs are referenced within the slides in order to suggest the correct learning path to follow.
During this introductory module the student will understand the basics of web applications. In-depth coverage of the Same Origin Policy in its latest developments and of the Cookie RFC will help experienced and inexperienced penetration testers gain critical foundational skills useful for the rest of the training course. At the end of the module the student will be familiar with Burp Suite and its basic configuration. It is a light but necessary introduction to a heavily practical, advanced training course.

1. Introduction
1.1. HTTP Protocol Basics
- Header and Body
- Requests
- Responses
1.2. Encoding
- Introduction
- Charsets
  - ASCII Charset
  - Unicode Charset
- Charset vs. Charset Encoding
- Encoding in Latin
- Encoding in Unicode
- Encoding in HTML
  - URL Encoding
  - HTML Entities (HTML Encoding)
  - Base64
1.3. Same Origin Policy (SOP)
- Introduction
- Origin
- What does SOP protect from?
- How SOP works
- Exceptions
  - Window.location
  - Examples
  - Security Issues
  - Document.domain
  - Cross window messaging
  - Cross Origin Resource Sharing
1.4. Cookies
- Cookies Domain
  - Specified Cookie domain
  - Unspecified Cookie domain
  - Internet Explorer exception
- Inspecting the cookie protocol
- Correct cookie installation
- Incorrect cookie installation
1.5. Sessions
1.6. Web Application Proxies
- Burp Proxy
- Configuration
This module helps penetration testers gain confidence with the processes and legal matters involved in a penetration testing engagement. The student will learn the methodologies and the reporting best practices needed to become a confident and professional penetration tester.

2. Penetration Testing Process
2.1. Pre-engagement
- Rules of engagement
- The goal and scope
  - Goal
  - Scope of engagement
- Time-table
- Liabilities and responsibilities
- NDA
- The Emergency plan
- The allowed techniques
- The deliverables
2.2. Methodologies
- PTES
- OSSTMM
- OWASP Testing Guide
2.3. Reporting

This is a wealth of information useful throughout the entire career of a penetration tester.
Let the penetration test start. Every penetration test begins with the Information Gathering phase. This is where a penetration tester understands the application from a functional point of view and collects useful information for the following phases of the engagement. A multitude of techniques will be used in order to collect behavioral, functional, applicative and infrastructural information. The student will use a variety of tools to retrieve readily available information from the target.

3. Information Gathering
3.1. Gathering Information on Target
- Finding Owner, IP addresses, e-mails
- WHOIS
- DNS
- Nslookup
3.2. Infrastructure
- Fingerprinting the Web Server
- Modules
- Enumerating subdomains
  - Bing
  - Subdomainer
  - Zone Transfer
- Finding Virtual Hosts
  - Hostmap
3.3. Fingerprinting Frameworks and Applications
- Fingerprinting Third-Party Add-Ons
3.4. Fingerprinting Custom Applications
- Mapping the Attack Surface
3.5. Enumerating Resources
- Crawling the Website
- Finding Hidden Files
- Back Up and Source Code Files
- Enumerating User Accounts with Burp
- Attack Preparation: Spotting the differences
3.6. Relevant Information through Misconfiguration
- Directory Listing
- Log and Configuration Files
3.7. Google Hacking

Coliseum Labs included in this module
The most widespread web application vulnerability will be dissected and studied in all its parts. At first you will be provided with a theoretical explanation. This understanding will help you in the exploitation and remediation process. Later you will master all the techniques to find XSS vulnerabilities through black box testing.

4. XSS
4.1. Cross site scripting Basics
4.2. Anatomy of an XSS exploitation
4.3. The three types of XSS
- Reflected XSS
- Persistent XSS
- DOM-based XSS
4.4. Finding XSS
- Finding XSS in PHP code
4.5. XSS Exploitation
- XSS, Browsers and same origin policy
- Real world attacks
- Cookie stealing through XSS
- Defacement
4.6. Advanced phishing attacks

Coliseum Labs included in this module
This module contains the most advanced techniques to find and exploit SQL Injections, from the explanation of the most basic SQL injection up to the most advanced. Advanced methods will be taught with real world examples and the best tools will be demonstrated on real targets. You will not just be able to dump remote databases but also get root on the remote machine through advanced SQL Injection techniques.

5. SQL Injection
5.1. Introduction to SQL Injection
- Dangers of a SQL Injection
- How SQL Injection works
5.2. How to find SQL injections
- How to find SQL injections
- Finding Blind SQL Injections
5.3. SQL Injection Exploitation
- Exploiting Union SQL Injections
5.4. Exploiting Error Based SQL Injections
- Dumping database data
- Reading the remote file system
- Accessing the remote network
5.5. Exploiting Blind SQL Injection
- Optimized Blind SQL Injections
- Time Based SQL Injections
5.6. Tools
- Advanced SQLmap usage and other tools
- Tools taxonomy

Coliseum Labs included in this module
Session related vulnerabilities will be the subject of this module, with extensive coverage of the most common attack patterns. Code samples on how to prevent session attacks are provided in PHP, Java and .NET. At the end of the module the student will master offensive as well as defensive procedures related to session management within web applications.

6. Session Security
6.1. Weakness of Session Identifier
6.2. Understanding Session Hijacking
- Session Hijacking Introduction
- Session Hijacking through XSS
- Preventing Session Hijacking through XSS
  - PHP
  - Java
  - .NET
- Session Hijacking through Packet Sniffing
- Session Hijacking through Access to the Web Server
  - PHP
  - Java
  - .NET
6.3. Session Fixation
- Session Fixation Attacks
- Preventing Session Fixation
  - PHP
  - .NET
  - Java

Coliseum Labs included in this module
Flash, although a dying technology, is still present on millions of websites online. Flash files can expose a web application and its users to a number of security risks that will be covered within this module. The student will first study the Flash security model and its pitfalls, then use the most recent tools to find and exploit vulnerabilities in Flash files. After having studied this module, students will never look at SWF files the same way.

7. Flash
7.1. Introduction
- ActionScript
- Compiling and decompiling
- Embedding Flash in HTML
- The allowscriptaccess Attribute
- Passing arguments to Flash Files
7.2. Flash Security model
- Sandboxes
- Stakeholders
  - Administration Role
  - User role
  - Website role
  - URL policy file
  - Author role
- Calling JavaScript from ActionScript
- Calling ActionScript from JavaScript
- Method NavigateToURL
- Local Shared Objects
7.3. Flash Vulnerabilities
- Flash parameter injection
- Fuzzing Flash with SWFInvestigator
- Finding Hardcoded sensitive information
7.4. Pentesting Flash Applications
- Analyzing client side components
- Identifying the communication protocol
- Analyzing server side components

Coliseum Labs included in this module
Any application with a minimum of complexity requires authentication at some point. Chances are that the authentication mechanisms in place are not sufficient or are simply broken, exposing the organization to serious security issues leading to a complete compromise of the web application and the data it stores. During this module the student will learn the most common authentication mechanisms, their weaknesses and the related attacks, from inadequate password policies to weaknesses in the implementation of common features.

8. Authentication
8.1. Introduction
- Authentication vs. Authorization
- Authentication factors
  - Single-factor Authentication
  - Two-factor Authentication
8.2. Common Vulnerabilities
- Credentials Over Unencrypted Channel
- Inadequate Password Policy
  - Dictionary Attack
  - Brute Force Attack
- Preventing Inadequate Password Policy
  - Strong Passwords
  - Storing Hashes
  - Blocking Requests
- User Enumeration
  - Examples
  - Taking Advantage of User Enumeration
- Default or (easily) Guessable User Accounts
  - Typical default credentials
  - Default User Accounts
- Remember me feature
  - Cache Browser Method
  - Cookie Method
  - Web Storage method
  - Best defensive techniques
- Password reset
  - Easily guessable answers
  - Unlimited Attempts
  - Password reset link: Guessable, Recyclable, Predictable
  - Secret questions
- Logout Weaknesses
  - Incorrect Session Destruction
8.3. Bypassing Authentication
- Direct page request (Forced browsing)
  - Best defensive techniques
- Parameter modification
  - An example of vulnerable web application
  - Best defensive techniques
- Incorrect Redirection
  - Using redirect to protect contents
  - Are the contents really protected?
  - A typical vulnerable WebApp
  - Best defensive techniques
- SessionID prediction
- SQL Injection
  - A vulnerable authentication form
  - Exploitation through SQL Injection

Coliseum Labs included in this module
This module is an extremely in-depth coverage of all the attack vectors and weaknesses introduced by the new W3C standards and protocols, both draft and finalized. We will go through the most important elements of HTML5 and especially the new CORS paradigm, which completely changes the way the SOP is applied to most modern web applications. By mastering this module in theory and practice the student will possess an arsenal of penetration testing techniques that are still unknown to the vast majority of penetration testers. A number of Coliseum labs are available to practice all the aspects covered within this module. This module brings penetration testers' skills to the next level with next generation attack vectors that are going to affect web applications for the next decade.

9. HTML5 and New Frontiers
9.1. Cross Origin Resource Sharing (CORS)
- Same Origin Policy Issue
- Cross-Domain Policy in Flash
- Cross Origin Resource Sharing
- Cross Origin Ajax Request
- Cross Origin Requests
  - Simple Requests
  - Preflighted requests
  - Request with Credentials
- Control Access Headers
  - Header Access-Control-Allow-Origin
  - Header Access-Control-Allow-Credentials
  - Header Access-Control-Allow-Headers
  - Header Access-Control-Allow-Methods
  - Header Access-Control-Max-Age
  - Header Access-Control-Expose-Headers
  - Header Origin
  - Header Access-Control-Request-Method
  - Header Access-Control-Request-Headers
9.2. Cross Windows Messaging
- Relationship between windows
- Sending Messages
- Receiving Messages
- Security Issues
9.3. Web Storage
- Different Storages
  - Local Storage
  - Session Storage
- Local Storage APIs
  - Adding an Item
  - Retrieving an Item
  - Removing an Item
  - Removing all Items
- SessionStorage APIs
- Security Issues
9.4. Web Sockets
- Real Time Applications Using HTTP
- WebSocket Features
- Benefits
- APIs
9.5. Sandboxed frames
- Security Issues before HTML5
- Redirection Example
- Preventing Accessing the Parent Document from iframe
- HTML5 sandbox attribute

Coliseum Labs included in this module
During this module the student will practice a number of vulnerabilities that, despite being less known or publicized, are still affecting a number of web applications across many different programming languages and platforms. Advanced clickjacking attacks are covered in depth with real world examples and dissected real world attacks. The level of depth and the amount of practical sessions during this module will provide even seasoned penetration testers with new ways to break the security of their targets.

10. Common Vulnerabilities
- OWASP A4 - Insecure Direct Object Reference
  - Examples
  - References to file system
  - References to DB Keys
- OWASP A8 - Failure to restrict URL access
- Path Traversal
  - Path Convention
  - Encoding
  - Best defensive techniques
- File Inclusion
  - Local File Inclusion
  - Remote File Inclusion
- Unrestricted File Upload
  - A vulnerable Web Application
  - Best defensive techniques
  - Filtering based on file content
- Clickjacking
  - Understanding Clickjacking
  - Feasibility study: Case 1: possible, Case 2: not possible
  - Building Malicious Web Pages
  - Spreading the Malicious Link
  - Waiting for the victim
  - Best defensive techniques
  - The Old School
  - HTTP header X-Frame-Options
  - Likejacking in Facebook
  - Cursorjacking
- HTTP Response splitting
  - A typical Scenario
  - XSS through HTTP Response splitting
  - Header Injection
  - Bypassing Same Origin Policy
  - Attack explained
  - Best defensive techniques
- Logical Flaws
  - A vulnerable Web Application
  - Best defensive techniques
- Denial of Service
  - Different DoS Attacks
  - Request bombing
  - Greedy Pages
  - Best defensive techniques

Coliseum Labs included in this module
Professional penetration testers should master all aspects related to web services testing. Web services are nowadays the data and logic provider for a variety of thin and thick clients, from web application clients to mobile applications. During this highly in-depth module the student will first become familiar with web services paradigms and protocols and then learn all the most important related security issues. WSDL and SOAP testing will be covered not only in theory but also in practice in our Coliseum Lab.

11. Web Services
- Introduction
  - Why use Web Services
  - Standardized Protocols: HTTP, XML, SOAP
  - Interoperability between different Applications
  - Exposing Services
- Description of a Web Service
  - The WSDL Language
  - Interaction between Client and Web Service
  - Objects in WSDL: Binding, PortType, Message, Operation
- Attacks
  - WSDL Disclosure
    - WSDL Google Hacking
    - WSDL Scanning
  - SOAP Action Spoofing
    - Pre-requirements
    - Attack in action
    - Best defensive techniques
  - SQL Injection through SOAP messages
    - Best defensive techniques

Coliseum Labs included in this module
XPath is the XML standard that allows web applications to query XML databases. In this module the student will learn advanced XPath injection techniques, in theory and in practice in the Coliseum.

12. XPath
- XML Documents and Databases
- XPath
- XPath vs. SQL
  - No comment statements
  - Case Sensitive
- Detecting XPath Injection
  - Error Based Injection
  - Blind Injection
    - Detect True
    - Detect False

Coliseum Labs included in this module
In this module the student will learn how to use open source and commercial tools to find and exploit all the vulnerabilities studied and practiced during the training course.

13. VA & Exploitation Tools
- Acunetix
  - VA
  - Exploitation
- Netsparker
  - VA
  - Exploitation
- W3af
  - VA
  - Exploitation
- BeEF
  - Architecture
  - User Interface
  - Communication Server (CS)
  - Zombie
  - Hooking Example
  - BeEF Commands: Browser Commands, Host Commands, Network Commands, Exploits Commands
  - XSSrays
  - Requester
  - Tunneling Proxy
  - Configuring a tunneling Proxy
  - Metasploit Integration

All tools can be practiced within the Coliseum Lab
About eLearnSecurity

Based in Pisa, Italy, eLearnSecurity is a leading provider of IT security and penetration testing courses for IT professionals. eLearnSecurity advances the careers of IT security professionals by providing affordable top-level instruction. We use engaging elearning and the most effective mix of theory, practice and methodology in IT security, all with real-world lessons that students can immediately apply to build relevant skills and keep their companies' data and systems safe.

For more information, visit
eLearnSecurity S.R.L.
Via Matteucci 36/ Pisa, Italy
More informationHacking Our Way to Better Security: Lessons from a Web Application Penetration Test. Tyler Rasmussen Mercer Engineer Research Center
Hacking Our Way to Better Security: Lessons from a Web Application Penetration Test Tyler Rasmussen Mercer Engineer Research Center About Me Cybersecurity Engineering Intern @ MERC Senior IT/Cybersecurity
More informationNotes From The field
Notes From The field tools and usage experiences Jarkko Holappa Antti Laulajainen Copyright The Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the License.
More informationPresented By Rick Deacon DEFCON 15 August 3-5, 2007
Hacking Social Lives: MySpace.com Presented By Rick Deacon DEFCON 15 August 3-5, 2007 A Quick Introduction Full-time IT Specialist at a CPA firm located in Beachwood, OH. Part-time Student at Lorain County
More informationshortcut Tap into learning NOW! Visit for a complete list of Short Cuts. Your Short Cut to Knowledge
shortcut Your Short Cut to Knowledge The following is an excerpt from a Short Cut published by one of the Pearson Education imprints. Short Cuts are short, concise, PDF documents designed specifically
More informationWeb Application Attacks
Web Application Attacks What can an attacker do and just how hard is it? By Damon P. Cortesi IOActive, Inc. Comprehensive Computer Security Services www.ioactive.com cortesi:~
More informationDefend Your Web Applications Against the OWASP Top 10 Security Risks. Speaker Name, Job Title
Defend Your Web Applications Against the OWASP Top 10 Security Risks Speaker Name, Job Title Application Security Is Business Continuity Maintain and grow revenue Identify industry threats Protect assets
More informationSecurity and Privacy. SWE 432, Fall 2016 Design and Implementation of Software for the Web
Security and Privacy SWE 432, Fall 2016 Design and Implementation of Software for the Web Today Security What is it? Most important types of attacks Privacy For further reading: https://www.owasp.org/index.php/
More informationHP 2012 Cyber Security Risk Report Overview
HP 2012 Cyber Security Risk Report Overview September 2013 Paras Shah Software Security Assurance - Canada Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject
More informationAdvanced Ethical Hacking & Penetration Testing. Ethical Hacking
Summer Training Internship Program 2017 (STIP - 2017) is a practical oriented & industrial level training program for all students who have aspiration to work in the core technical industry domain. This
More informationThe SANS Institute Top 20 Critical Security Controls. Compliance Guide
The SANS Institute Top 20 Critical Security Controls Compliance Guide February 2014 The Need for a Risk-Based Approach A common factor across many recent security breaches is that the targeted enterprise
More informationProvide you with a quick introduction to web application security Increase you awareness and knowledge of security in general Show you that any
OWASP Top 10 Provide you with a quick introduction to web application security Increase you awareness and knowledge of security in general Show you that any tester can (and should) do security testing
More informationAttacks Against Websites 3 The OWASP Top 10. Tom Chothia Computer Security, Lecture 14
Attacks Against Websites 3 The OWASP Top 10 Tom Chothia Computer Security, Lecture 14 OWASP top 10. The Open Web Application Security Project Open public effort to improve web security: Many useful documents.
More informationWeb Security, Summer Term 2012
IIG University of Freiburg Web Security, Summer Term 2012 Web Application: Testing Security Dr. E. Benoist Sommer Semester Web Security, Summer Term 2012 10) Web Application: Testing Security 1 Table of
More informationCertified Secure Web Application Secure Development Checklist
www.certifiedsecure.com info@certifiedsecure.com Tel.: +31 (0)70 310 13 40 Loire 128-A 2491 AJ The Hague The Netherlands About Certified Secure Checklist Certified Secure exists to encourage and fulfill
More informationExecutive Summary. Flex Bounty Program Overview. Bugcrowd Inc Page 2 of 7
CANVAS by Instructure Bugcrowd Flex Program Results December 01 Executive Summary Bugcrowd Inc was engaged by Instructure to perform a Flex Bounty program, commonly known as a crowdsourced penetration
More informationWeb Security. Thierry Sans
Web Security Thierry Sans 1991 Sir Tim Berners-Lee Web Portals 2014 Customer Resources Managemen Accounting and Billing E-Health E-Learning Collaboration Content Management Social Networks Publishing Web
More informationHacker Attacks on the Horizon: Web 2.0 Attack Vectors
IBM Software Group Hacker Attacks on the Horizon: Web 2.0 Attack Vectors Danny Allan Director, Security Research dallan@us.ibm.com 2/21/2008 Agenda HISTORY Web Eras & Trends SECURITY Web 2.0 Attack Vectors
More informationAguascalientes Local Chapter. Kickoff
Aguascalientes Local Chapter Kickoff juan.gama@owasp.org About Us Chapter Leader Juan Gama Application Security Engineer @ Aspect Security 9+ years in Appsec, Testing, Development Maintainer of OWASP Benchmark
More informationWeb Application Security. OWASP 11 th August, The OWASP Foundation Basic SQL injection Basic Click Jacking
Web Application Security Basic SQL injection Basic Click Jacking OWASP 11 th August, 2012 Vinod Senthil T Director infysec vinod@infysec.com 044-42611142/43 Copyright The OWASP Foundation Permission is
More informationTRAINING CURRICULUM 2017 Q2
TRAINING CURRICULUM 2017 Q2 Index 3 Why Security Compass? 4 Discover Role Based Training 6 SSP Suites 7 CSSLP Training 8 Course Catalogue 14 What Can We Do For You? Why Security Compass? Role-Based Training
More informationUsing the Cisco ACE Application Control Engine Application Switches with the Cisco ACE XML Gateway
Using the Cisco ACE Application Control Engine Application Switches with the Cisco ACE XML Gateway Applying Application Delivery Technology to Web Services Overview The Cisco ACE XML Gateway is the newest
More informationHacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK
Hacker Academy Ltd COURSES CATALOGUE Hacker Academy Ltd. LONDON UK TABLE OF CONTENTS Basic Level Courses... 3 1. Information Security Awareness for End Users... 3 2. Information Security Awareness for
More informationFinding Vulnerabilities in Web Applications
Finding Vulnerabilities in Web Applications Christopher Kruegel, Technical University Vienna Evolving Networks, Evolving Threats The past few years have witnessed a significant increase in the number of
More informationCertified Vulnerability Assessor
Certified Vulnerability Assessor COURSE BENEFITS Course Title:Certified Vulnerability Assessor Duration: 3Day Language: English Class Format Options: Instructor-led classroom Live Online Training Prerequisites:
More informationOWASP Top David Caissy OWASP Los Angeles Chapter July 2017
OWASP Top 10-2017 David Caissy OWASP Los Angeles Chapter July 2017 About Me David Caissy Web App Penetration Tester Former Java Application Architect IT Security Trainer: Developers Penetration Testers
More informationCSC 482/582: Computer Security. Cross-Site Security
Cross-Site Security 8chan xss via html 5 storage ex http://arstechnica.com/security/2015/09/serious- imgur-bug-exploited-to-execute-worm-like-attack-on- 8chan-users/ Topics 1. Same Origin Policy 2. Credential
More informationAdvanced Diploma on Information Security
Course Name: Course Duration: Prerequisites: Course Fee: Advanced Diploma on Information Security 300 Hours; 12 Months (10 Months Training + 2 Months Project Work) Candidate should be HSC Pass & Basic
More informationApplication Security Introduction. Tara Gu IBM Product Security Incident Response Team
Application Security Introduction Tara Gu IBM Product Security Incident Response Team About Me - Tara Gu - tara.weiqing@gmail.com - Duke B.S.E Biomedical Engineering - Duke M.Eng Computer Engineering -
More informationEvaluating the Security Risks of Static vs. Dynamic Websites
Evaluating the Security Risks of Static vs. Dynamic Websites Ballard Blair Comp 116: Introduction to Computer Security Professor Ming Chow December 13, 2017 Abstract This research paper aims to outline
More informationApplication. Security. on line training. Academy. by Appsec Labs
Application Security on line training Academy by Appsec Labs APPSEC LABS ACADEMY APPLICATION SECURITY & SECURE CODING ON LINE TRAINING PROGRAM AppSec Labs is an expert application security company serving
More informationAttacks Against Websites. Tom Chothia Computer Security, Lecture 11
Attacks Against Websites Tom Chothia Computer Security, Lecture 11 A typical web set up TLS Server HTTP GET cookie Client HTML HTTP file HTML PHP process Display PHP SQL Typical Web Setup HTTP website:
More informationDeveloping Secure Applications with OWASP OWASP. The OWASP Foundation Martin Knobloch
Developing Secure Applications with OWASP Martin Knobloch martin.knobloch@owasp.org OWASP OWASP NL Chapter Board OWASP Global Education Committee Chair Copyright The OWASP Foundation Permission is granted
More informationSecurity Communications and Awareness
Security Communications and Awareness elearning OVERVIEW Recent high-profile incidents underscore the need for security awareness training. In a world where your employees are frequently exposed to sophisticated
More informationBypassing Web Application Firewalls
Bypassing Web Application Firewalls an approach for pentesters KHALIL BIJJOU SECURITY CONSULTANT 17 th November 2017 BYPASSING A WAF WHY? Number of deployed Web Application Firewalls (WAFs) is increasing
More informationCNIT 129S: Securing Web Applications. Ch 3: Web Application Technologies
CNIT 129S: Securing Web Applications Ch 3: Web Application Technologies HTTP Hypertext Transfer Protocol (HTTP) Connectionless protocol Client sends an HTTP request to a Web server Gets an HTTP response
More informationCSE361 Web Security. Attacks against the client-side of web applications. Nick Nikiforakis
CSE361 Web Security Attacks against the client-side of web applications Nick Nikiforakis nick@cs.stonybrook.edu Despite the same origin policy Many things can go wrong at the client-side of a web application
More informationThis slide shows the OWASP Top 10 Web Application Security Risks of 2017, which is a list of the currently most dangerous web vulnerabilities in
1 This slide shows the OWASP Top 10 Web Application Security Risks of 2017, which is a list of the currently most dangerous web vulnerabilities in terms of prevalence (how much the vulnerability is widespread),
More informationAdvanced Penetration Testing The Ultimate Penetration Testing Standard
The Ultimate Penetration Testing Standard COURSE DESCRIPTION ADVANCED PENETRATION TESTING The program is created as a progression for ECSA credential professionals. The course is designed to show the advanced
More informationPENETRATION TESTING EXTREME VERSION 1
PENETRATION TESTING EXTREME VERSION 1 The world s most advanced network penetration testing course elearnsecurity has been chosen by students in over 140 countries in the world and by leading organizations
More informationHTML5 Web Security. Thomas Röthlisberger IT Security Analyst
HTML5 Web Security Thomas Röthlisberger IT Security Analyst thomas.roethlisberger@csnc.ch Compass Security AG Werkstrasse 20 Postfach 2038 CH-8645 Jona Tel +41 55 214 41 60 Fax +41 55 214 41 61 team@csnc.ch
More informationGOING WHERE NO WAFS HAVE GONE BEFORE
GOING WHERE NO WAFS HAVE GONE BEFORE Andy Prow Aura Information Security Sam Pickles Senior Systems Engineer, F5 Networks NZ Agenda: WTF is a WAF? View from the Trenches Example Attacks and Mitigation
More informationOWASP Top 10. Copyright 2017 Ergon Informatik AG 2/13
Airlock and the OWASP TOP 10-2017 Version 2.1 11.24.2017 OWASP Top 10 A1 Injection... 3 A2 Broken Authentication... 5 A3 Sensitive Data Exposure... 6 A4 XML External Entities (XXE)... 7 A5 Broken Access
More informationLecture Overview. IN5290 Ethical Hacking
Lecture Overview IN5290 Ethical Hacking Lecture 6: Web hacking 2, Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Session related attacks Universitetet i Oslo Laszlo Erdödi How to use Burp
More informationLecture 6: Web hacking 2, Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Session related attacks
IN5290 Ethical Hacking Lecture 6: Web hacking 2, Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Session related attacks Universitetet i Oslo Laszlo Erdödi Lecture Overview How to use Burp
More informationOWASP Top 10 Risks. Many thanks to Dave Wichers & OWASP
OWASP Top 10 Risks Dean.Bushmiller@ExpandingSecurity.com Many thanks to Dave Wichers & OWASP My Mom I got on the email and did a google on my boy My boy works in this Internet thing He makes cyber cafes
More informationThe requirements were developed with the following objectives in mind:
FOREWORD This document defines four levels of application security verification. Each level includes a set of requirements for verifying the effectiveness of security controls that protect web applications
More informationCNIT 129S: Securing Web Applications. Ch 10: Attacking Back-End Components
CNIT 129S: Securing Web Applications Ch 10: Attacking Back-End Components Injecting OS Commands Web server platforms often have APIs To access the filesystem, interface with other processes, and for network
More informationANZTB SIGIST May 2011 Perth OWASP How minor vulnerabilities can do very bad things. OWASP Wednesday 25 th May The OWASP Foundation
ANZTB SIGIST May 2011 Perth OWASP How minor vulnerabilities can do very bad things Christian Frichot / David Taylor (Some of) Perth OWASP s Chapter Leads OWASP Wednesday 25 th May 2011 Copyright The OWASP
More informationSecurity Communications and Awareness
Security Communications and Awareness elearning OVERVIEW Recent high-profile incidents underscore the need for security awareness training. In a world where your employees are frequently exposed to sophisticated
More informationVulnerabilities in online banking applications
Vulnerabilities in online banking applications 2019 Contents Introduction... 2 Executive summary... 2 Trends... 2 Overall statistics... 3 Comparison of in-house and off-the-shelf applications... 6 Comparison
More information