web application security - course overview
DESCRIPTION
Web Application penetration testing course content.TRANSCRIPT
2 http://www.securitylearn.net
Course Content
History of web application
Introduction to web application architecture
Uniform Resource Locator (URL)
HTTP
Introduction
HTTP Methods
WEBDAV methods
Request/Response analysis
Security problems with http
HTTPS
Handshake protocol
Record protocol
Proxy
Man in the middle attack
Tools: Burp proxy, Paros proxy, web scarab
Encoding Techniques
URL Encoding
HTML Encoding
Unicode Encoding
Tools: Burp decoder
Profiling Application
Spiders, crawlers
Search engine discovery
Banner Grabbing
Robots.txt
Analysis of error codes
Tools: HttpPrint, netcraft
Attacking Authentication
Authentication Types
Brute force attacks
Analyzing Auto complete options
Insecure credential transmission
Session puzzle attacks
Authentication bypass techniques
Shoulder surfing
3 http://www.securitylearn.net
CAPTCHA Rebinding attacks
Countermeasures
Tools: Bruter, Burp Repeater, Burp Intruder
Attacking Authorization
Authorization types
Parameter tampering
Horizontal privilege escalation
Vertical privilege escalation
Referrer spoofing
Cryptography weakness
Symmetric cryptography
Asymmetric cryptography
Substitution cipher
Stream cipher
Block cipher
Steganography
SSL cipher testing
Cracking hashes
Padding oracle attack
Cracking ECB encryption
Tools: SSLDigger, MD5 crack
Attacking Session management
Introduction
Secure flag
HTTPOnly flag
Cookie Domain & Path
Session Token analysis
Session fixation
Cookie transmission mechanisms
Tools: Burp sequencer
Timeout issues
Cross site scripting attacks
Same origin policy
Reflective XSS
Stored XSS
DOM based XSS
Anatomy of XSS
Exploitation
Impact of XSS
XSS Shell
4 http://www.securitylearn.net
XSS & Metasploit
Black list/White list
Input validation
Output encoding
Remediation
Tools: Beef
SQL injection
Error based SQLi
Blind SQLi
SQLi exploitation
Data extraction with UNION queries
Data extraction with inference techniques
Command execution with SQLi
Impact of SQLi
Remediation
Stored procedures Vs Parameterized queries
Tools: SQLMap, Absinthe
Cross site request forgery
Anatomy of CSRF
Remediation
CAPTCHA Rebinding attack
Tool: CSRFTester
URL Redirection attacks
Phishing attacks
Remediation
HTTP Response splitting
Cache positioning
Command execution
Input validation attacks
File Uploads
Path traversal attacks
Local file inclusions
Remote file inclusions
Command Execution
Remediation Techniques
Server Configuration issues
WEBDAV methods
Caching vulnerabilities
Directory listing
5 http://www.securitylearn.net
Attacking Web Server
Denial of service attacks
Buffer over flows
Remediation
OWASP Top10 web application risks
Scanners
Usage of tools
Pros, Cons & Problems with scanners
IBM- AppScan
HP- WebInspect
Risk Assessment
OWASP Risk Rating methodology
Pentest Reports
Executive reports
Detailed reports
Web Application Security Checklist
Contact
Satish B
Email: [email protected]