(WAPT) Web Application Penetration Testing




Module 0: Introduction
1. Introduction to the course
2. How to get the most out of the course
3. Resources you will need for the course
4. What is WAPT?

Module 1: Introduction to Web Applications
1. What is a web application?
2. History of web applications
3. Existing problems and challenges in present web applications
4. Overview of web application defenses

Module 2: Basics
1. How a web application works
2. Architecture of web applications
3. Basics of HTML
4. Basics of CSS
5. Basics of JavaScript
6. Basics of a server-side language (PHP/J2EE/ASP.NET)

Module 3: HTTP Protocol
1. Overview of RFC 2616
2. HTTP messages and entities
3. HTTP request
4. HTTP response
5. HTTP status codes
6. Various types of encoding schemes

Module 4: Web Servers and Clients
1. IIS server
2. Apache server
3. Other servers
4. Browsers
5. Browser's same-origin policy
6. Other web-enabled clients

Module 5: Server-side and Client-side Security Controls
1. Input validation
2. Output validation (encoding)
3. Insufficient input and output validation
4. Validation approaches
   - Whitelist approach
   - Blacklist approach
5. Bypassing thin/thick (decompiled) client validations
   - Flash
   - Java
6. Leveraging Ajax and Web 2.0 in attacks
7. Bypassing server-side validations

Module 6: Mastering Burp Suite
1. Introduction to Burp Suite
2. Configuring Burp Suite
3. Burp Proxy
4. Burp Spider
5. Burp Intruder
6. Burp Repeater
7. Burp Sequencer

Module 7: Injections
1. SQL injection
2. Blind SQL injection
3. Command injection
4. LDAP injection
5. XPath injection
6. SOAP injection
7. File includes
8. Other injections
9. Implications of injections
10. Test methodology for injections
11. Remediations

Module 8: Cross-site Scripting
1. Reflected XSS
2. Stored XSS
3. DOM XSS
4. Implications of XSS
5. Test methodology for XSS
6. Remediations

Module 9: Cross-site Request Forgery
1. CSRF with GET method
2. CSRF with POST method
3. Implications of CSRF
4. Test methodology for CSRF
5. Remediations

Module 10: Authentication Testing
1. Introduction to authentication
2. Guessable passwords
3. Failure messages
4. Brute-forcing login
5. Plaintext password transmission
6. Improper implementation of forgot-password functionality
7. "Remember me" functionality
8. Guessable usernames
9. Multi-factor authentication flaws
10. Fail-open login mechanisms
11. Insecure storage of credentials
12. Remediations
    - Use strong credentials
    - Transmit the credentials securely
    - Log, monitor, and notify

Module 11: Authorization Testing
1. Introduction to authorization
2. Implementation weaknesses in authorization
3. Horizontal privilege escalation
4. Vertical privilege escalation
5. URL-, form- and cookie-based escalation

Module 12: Types of Web Application Security Testing
1. Black-box testing
2. White-box testing
3. Grey-box testing
4. Vulnerability assessment vs. penetration testing
5. Web application penetration test scope and process
6. Legalities of VAPT

Module 13: Reconnaissance
1. Footprinting: domain details (whois), Technicalinfo.net
2. OS and service fingerprinting: Netcraft.com, banner grabbing, httprint
3. Google hacking
4. Load balancer identification
5. Spidering a web site (wget, Burp Spider)
6. Application flow charting
7. Relationship analysis within an application
8. Software configuration discovery

Module 14: SSL and Configuration Testing
1. Testing SSL/TLS ciphers
2. Testing SSL certificate validity (client and server)
3. Infrastructure and application admin interfaces
4. Testing for HTTP methods and XST
5. Testing for file extension handling
6. Old, backup and unreferenced files
7. Application configuration management testing

Module 15: Session Management Testing
1. Need for session and state
2. Ways to implement state
3. How session state works
4. What cookies are
5. Common cookie and session issues
   - Attacks on cookies and sessions: session hijacking, session fixation, session replay, man in the middle
   - Cookie/session security: HttpOnly, X-Frame-Options, use of SSL

Module 16: Brute-forcing Web Applications
1. Brute-force authentication
2. Brute-force authorization
3. Brute-force web services
4. Brute-force web server
5. Brute-force .htaccess

Module 17: Parameter Manipulation
1. Query string manipulation
2. Form field manipulation
3. Cookie manipulation
4. HTTP header manipulation

Module 18: Other Attacks
1. Sniffing
2. Phishing
3. Vishing
4. D(D)oS attacks
5. Unvalidated redirects and forwards

Module 19: Samurai WTF
1. Introduction to Samurai WTF
2. Various tools in Samurai WTF
3. Nikto
4. w3af
5. BeEF framework
6. Fuzzing and JBroFuzz
7. DirBuster
8. Netcat
9. Brutus and Hydra
10. Overview of various proxies (zed, rat, Paros, WebScarab)

Module 20: Firefox Security Add-ons
1. Tamper Data
2. SQL Inject Me
3. XSS Me
4. Firebug
5. Live HTTP Headers
6. FoxyProxy
7. Web Developer

Module 21: Automated Scanners
1. Acunetix
2. IBM AppScan
3. Burp Scanner
4. Effectiveness of automated tools
5. Reduction of false positives and false negatives

Module 22: VAPT Methodologies
1. OWASP
2. SANS 25
3. WAHH
4. OWASP checklist

Module 23: Reporting
1. Importance of documentation
2. OWASP risk rating methodology
3. Creating managerial and technical VAPT reports
4. Open reporting standards