WEB APPLICATION PENETRATION TESTING VERSION 3

Web Application Penetration Testing Version 3-PDF Download

  • Date:18 Nov 2019
  • Views:424
  • Downloads:52
  • Pages:29
  • Size:1,006.45 KB

Share Pdf : Web Application Penetration Testing Version 3

Download and Preview : Web Application Penetration Testing Version 3


Report CopyRight/DMCA Form For : Web Application Penetration Testing Version 3


Transcription:

INTRODUCTION,COURSE GOALS, The Web Application Penetration Testing course WAPT is an online self paced. training course that provides all the advanced skills necessary to carry out a thorough. and professional penetration test against modern web applications . Thanks to the extensive use of Hera Lab and the coverage of the latest research in. the web application security field the WAPT course is not only the most practical. training course on the subject but also the most up to date . This course although based on the offensive approach provides advice and best. practices to solve security issues detected during a penetration test . COURSE ORGANIZATION, The training course is completely self paced with interactive slides and videos that. students can access online without any limitation Students have lifetime access to. the training material , Students can study from home office or anywhere an internet connection is. available , This course Web Application Penetration Testing v3 is integrated with Hera Labs . the most sophisticated virtual lab in IT Security A minimum of 60 hours is advised . For more intensive use 120 hours may be necessary The Hera Lab provides a. dedicated and isolated environment where a student can practice topics seen in the. Course Home Page www elearnsecurity com wapt, INTRODUCTION.
TARGET AUDIENCE AND PRE REQUISITES, The WAPT training course benefits the career of penetration testers and IT Security. personnel in charge of defending their organization s web applications . This course allows organizations of all sizes to assess and mitigate the risks their web. applications are exposed to by building strong practical in house skills . Penetration testing companies can now train their teams with a comprehensive and. practical training course without having to deploy internal labs that are often. outdated and not backed by solid theoretical material . A student who wants to enroll in the course must possess a solid understanding of. web applications and web application security models . No programming skills are required However snippets of JavaScript HTML PHP. code will be used during the course ,WILL I GET A CERTIFICATE . The WAPT course leads to the eWPTv1 certification . The certification can be obtained by successfully completing. the requirements which is a practical penetration test exam. that consists of complex real world web application that is. hosted in our eLearnSecurity Hera Labs , An eWPTv1 voucher is included in all the plans of the WAPT course . Course Home Page www elearnsecurity com wapt, INTRODUCTION. ORGANIZATION OF CONTENTS, The student is provided with a suggested learning path to ensure the maximum.
success rate at the minimum effort , Module 1 Penetration Testing Process. Module 2 Introduction to Web Applications, Module 3 Information Gathering. Module 4 Cross Site Scripting, Module 5 SQL Injection. Module 6 Authentication and Authorization, Module 7 Session Security. Module 8 Flash Security, Module 9 HTML5, Module 10 File and Resource Attacks.
Module 11 Other Attacks, Module 12 Web Services, Module 13 XPath. Module 14 Penetration Testing Content Management Systems. Module 15 Penetration Testing NoSQL Databases, Course Home Page www elearnsecurity com wapt. WEB APPLICATION PENETRATION TESTING,MODULE 1 PENETRATION TESTING PROCESS. This module helps the penetration tester gain confidence with the processes and. legal matters involved in a penetration testing engagement . Students will learn methodologies and the best practice for reporting in order to. become a confident and professional penetration tester . This is a wealth of information that will be useful throughout the entire career of a. penetration tester ,1 Introduction, 1 1 Pre engagement. 1 1 1 Rules of Engagement, 1 1 1 1 Goal, 1 1 1 2 Scope of engagement.
1 1 2 Timetable, 1 1 3 Liabilities and Responsibilities. 1 1 3 1 Non disclosure agreements, 1 1 3 2 Emergency Plan. 1 1 4 Allowed Techniques, 1 1 5 Deliverables, 1 2 Methodologies. 1 2 1 PTES, 1 2 2 OWASP Testing Guide, 1 3 Reporting. 1 3 1 What do clients want , 1 3 2 Writing the report.
1 3 2 1 Reporting Phase, 1 3 2 2 Understanding your audience. 1 3 2 3 Report Structure, Executive Summary, Risk Exposure over time. Successful attacks by type, Vulnerabilities by cause. Vulnerability Report, Remediation Report, 1 3 3 Report templates and guides. Course Home Page www elearnsecurity com wapt, WEB APPLICATION PENETRATION TESTING.
MODULE 2 INTRODUCTION TO WEB APPLICATIONS, During this introductory module the student will learn and understand the basics of. web applications , In depth coverage of the Same Origin Policy and cookies will help both experienced. and non experienced penetration testers gain critical foundational skills useful for. the rest of the training course , At the end of the module the student will become familiar with tools such as Burp. Suite and OWASP ZAP , This module is an important introduction necessary for a heavily practical advanced. 2 Introduction to Web Applications, 2 1 HTTP S Protocol Basics.
2 1 1 HTTP Request, 2 1 2 HTTP Response, 2 1 3 HTTP Header Field Definitions. 2 1 4 HTTPS, 2 2 Encoding, 2 2 1 Introduction, 2 2 2 Charset. 2 2 2 1 ASCII, 2 2 2 2 Unicode, 2 2 3 Charset vs Charset Encoding. 2 2 3 1 Unicode Encoding, 2 2 3 2 HTML Encoding, HTML Entries. 2 2 3 3 URL Encoding percent encoding , 2 2 3 4 Base64.
2 3 Same Origin, 2 3 1 Origin definition, 2 3 2 What does SOP protect from . 2 3 3 How SOP works, 2 3 4 Exceptions, 2 3 4 1 Windows location. 2 3 4 2 Document domain, 2 3 4 3 Cross window messaging. 2 3 4 4 Cross Origin Resource Sharing, Course Home Page www elearnsecurity com wapt. WEB APPLICATION PENETRATION TESTING,2 4 Cookies, 2 4 1 Cookies Domain.
2 4 1 1 Specified cookie domain, 2 4 1 2 Unspecified cookie domain. 2 4 1 3 Internet Explorer Exception, 2 4 2 Inspecting the Cookie Protocol. 2 4 2 1 Login, 2 4 2 2 Set Cookie, 2 4 2 3 Cookie. 2 4 3 Cookie Installation, 2 4 3 1 Correct cookie installation. 2 4 3 2 Incorrect cookie installation,2 5 Sessions.
2 6 Web Application Proxies, 2 6 1 Burp Suite, 2 6 2 OWASP ZAP. Course Home Page www elearnsecurity com wapt, WEB APPLICATION PENETRATION TESTING. MODULE 3 INFORMATION GATHERING, Every penetration test begins with the Information Gathering phase This is where a. pentester understands the application under a functional point of view and collects. useful information for the following phases of the engagement . A multitude of techniques will be used to collect behavioral functional applicative . and infrastructural information , The students will use a variety of tools to retrieve readily available information from. the target ,3 Information Gathering, 3 1 Gathering information on your target.
3 1 1 Finding owner IP and emails, 3 1 1 1 Whois, Command line. Web based tool, 3 1 1 2 DNS, 3 1 1 3 Nslookup, Find target ISP. 3 2 Infrastructure, 3 2 1 Fingerprinting the web server. 3 2 1 1 Netcat, 3 2 1 2 WhatWeb, 3 2 1 3 Wappalyzer. 3 2 1 4 Web server modules, 3 2 2 Enumerating subdomains.
3 2 2 1 Netcraft, 3 2 2 2 Google, 3 2 2 3 Subbrute. 3 2 2 4 Dnsrecon, 3 2 2 5 TheHarvester, 3 2 2 6 Zone transfer. 3 2 3 Finding virtual hosts, Course Home Page www elearnsecurity com wapt. WEB APPLICATION PENETRATION TESTING,3 3 Fingerprinting frameworks and applications. 3 3 1 Third party add ons, 3 3 2 Mapping results,3 4 Fingerprinting custom applications.
3 4 1 Burp target crawler, 3 4 2 Creating a functional graph. 3 4 3 Mapping the attack surface, 3 4 3 1 Client side validation. 3 4 3 2 Database interaction, 3 4 3 3 Ile uploading and downloading. 3 4 3 4 Display of user supplied data, 3 4 3 5 Redirections. 3 4 3 6 Access control and login protected pages, 3 4 3 7 Error messages.
3 4 3 8 Charting,3 5 Enumerating resources, 3 5 1 Crawling the website. 3 5 2 Finding hidden files, 3 5 2 1 Back up and source code. 3 5 2 2 Enumerating users accounts, 3 5 2 3 Map, 3 6 Relevant information through misconfigurations. 3 6 1 Directory listing, 3 6 2 Log and configuration files. 3 6 3 HTTP verbs and file upload,3 7 Google hacking.
3 7 1 Search operators,3 8 Shodan HQ, Course Home Page www elearnsecurity com wapt. WEB APPLICATION PENETRATION TESTING,MODULE 4 CROSS SITE SCRIPTING. In this module the most widespread web application vulnerability will be dissected. and studied in depth , At first you are provided with a theoretical explanation this understanding will help. you in the exploitation and remediation process , Later you will have the opportunity master all the techniques to find XSS. vulnerabilities through black box testing ,4 Cross Site Scripting.
4 1 Cross Site Scripting, 4 1 1 Basics, 4 2 Anatomy of an XSS Exploitation. 4 3 The three types of XSS, 4 3 1 Reflected XSS, 4 3 2 Persistent XSS. 4 3 3 DOM based XSS, 4 4 Finding XSS, 4 4 1 Finding XSS in PHP code. 4 5 XSS Exploitation, 4 5 1 XSS and Browsers, 4 5 2 XSS Attacks. 4 5 2 1 Cookie Stealing through XSS, 4 5 2 2 Defacement.
4 5 2 3 XSS for advanced phishing attacks, 4 5 2 4 BeEF. 4 6 Mitigation, 4 6 1 Input Validation, 4 6 2 Context Aware output encoding. 4 6 3 Never trust user input, Course Home Page www elearnsecurity com wapt. WEB APPLICATION PENETRATION TESTING,MODULE 5 SQL INJECTION. This module will contain the most advanced techniques in finding and exploiting SQL. injections from the explanation of the most basic SQL injection up to the most. Advanced methods will be taught with real world examples using the best tools and. demonstrated on real targets , You will not just be able to dump remote databases but also get root on the remote.
machine through advanced SQL Injection techniques . 5 SQL Injection, 5 1 Introduction to SQL Injections. 5 1 1 SQL Statements, 5 1 1 1 SELECT, 5 1 1 2 UNION. 5 1 2 SQL Queries inside web applications, 5 1 3 Vulnerable dynamic queries. 5 1 4 How dangerous is a SQL Injection, 5 1 5 SQLi attacks classification. 5 1 5 1 In band SQLi, 5 1 5 2 Error based SQLi, 5 1 5 3 Blind SQLi.
5 2 Finding SQL Injections, 5 2 1 Simple SQL Injection scenario. 5 2 2 SQL errors in web applications, 5 2 3 Boolean based detection. 5 2 3 1 Example, 5 3 Exploiting In band SQL Injections. 5 3 1 First scenario, 5 3 2 In band attack challenges. 5 3 3 Enumerating the number of fields in a query. 5 3 3 1 Different DBMS UNION mismatch errors, 5 3 4 Blind enumeration.
5 3 5 Identifying field types, 5 3 6 Dumping the database content. Course Home Page www elearnsecurity com wapt, WEB APPLICATION PENETRATION TESTING. 5 4 Exploiting Error based SQL Injections, 5 4 1 MS SQL Server Error based exploitation. 5 4 2 The CAST Technique, 5 4 3 Finding the DBMS version. 5 4 4 Dumping the database data, 5 4 4 1 Finding the current username.
5 4 4 2 Finding readable databases, 5 4 4 3 Enumerating database tables. 5 4 4 4 Enumerating columns, 5 4 4 5 Dumping data. 5 4 5 Video Error based SQLi, 5 4 6 MySQL Error based SQLi. 5 4 7 PostgreSQL Error based SQLi, 5 4 8 Developing Error based SQLi Payloads. 5 5 Exploiting blind SQLi, 5 5 1 String extraction.
5 5 2 Detecting the current user, 5 5 3 Scripting blind SQLi data dump. 5 5 4 Exploiting blind SQLi, 5 5 4 1 String extraction. 5 5 5 Optimize blind SQLi, 5 5 6 Time based blind SQLi. 5 6 SQLMap, 5 6 1 Basic syntax, 5 6 2 Extracting the database banner. 5 6 3 Information Gathering, 5 6 4 Extracting the Database.
5 6 5 Extracting the Schema, 5 6 6 Video SQL Injection. 5 6 7 Video SQLMap, 5 6 8 SQLMap Advanced Usage, 5 6 8 1 Forcing the DBMS. 5 6 8 2 Fine tuning the payloads, 5 6 8 3 Aggressiveness and load. 5 6 9 Conclusions,5 7 Mitigation Strategies, 5 7 1 Prepare statement. 5 7 1 1 Implementation, 5 7 2 Type casting, 5 7 3 Input validation.
Course Home Page www elearnsecurity com wapt, WEB APPLICATION PENETRATION TESTING. 5 8 From SQLi to Server Takeover, 5 8 1 Advanced MySQL Exploitation. 5 8 1 1 xp cmdshell, 5 8 1 2 Internet Network Host Enumeration. 5 8 1 3 Port Scanning, 5 8 1 4 Reading the File System. 5 8 1 5 Uploading Files, 5 8 1 6 Storing Command Results into a Temporary Table.
5 8 2 Advanced MySQL Exploitation, 5 8 2 1 Reading the File System. 5 8 2 2 Uploading Files, 5 8 2 3 Executing Shell Commands. 5 8 3 Conclusions, Course Home Page www elearnsecurity com wapt. WEB APPLICATION PENETRATION TESTING,MODULE 6 AUTHENTICATION AND AUTHORIZATION. Any application with a minimum of complexity requires authentication at some point . The chances are that the authentication mechanisms in place are not sufficient or are. simply broken exposing the organization to serious security issues leading to a. complete compromise of the web application and the data it stores . In this module the student will learn the most common authentication mechan. WEB APPLICATION PENETRATION TESTING VERSION 3 The most practical and comprehensive training course on web application pentesting eLearnSecurity has been chosen by students in over 140 countries in the world and by leading organizations such as

Related Books