Course Overview:
The course validates the ability to properly conduct penetration tests using the best available methods you will know to do exploits and conduct reconnaissance after finish the course. The Web Application security and penetration testing course enable the students to establish industry acceptable auditing standards with current best practices and policies specifically for the web applications and cloud environment. The students can learn, implement and penetration test the concepts taught
in this course in real-world scenarios.
Course Objectives:
- Understand and identify possible exploits in live web applications
- Reconnaissance
- Different penetration testing methods
- Identify OWASP top 10 vulnerabilities
- Working with Virtualization for testing environments
- Using all the knowledge to protect your web application
Target Audience:
- Web Developers
- IT Managers who willing to understand web security in an advanced manner.
- Security professionals who want to fill the gaps in their information
- Security knowledge
- IT engineers who want to build a secure network against the attacks
- Network Administrators
Course Duration:
- 5 Days
Course Content:
Module 1
- Overview of web technologies
- Web application architecture
- Attack trends
- Authentication vulnerabilities
- Authorization vulnerabilities
Module 2
- SSL vulnerabilities and testing
- Session vulnerabilities
- Cross-site request forgery
- Input-related flaws
- SQL injection
- Passwords and hashes
Module 3
- Cross-site scripting
- Web services config security
- Vulnerability detection in web application
- Incident handling
Module 4
- XML security
- AJAX technologies
- AJAX common attacks
- Invalid redirect and forwards
- Insecure direct object references
Module 5
- Metasploit Framework
- Reconnaissance
- Penetration testing using PowerShell