Web Application Penetration Testing
Web application plays important role in every organization, but if the application is not properly tested and is deployed, the hacker can compromise these applications which ultimately can damage the business and steal the data. Unfortunately, many organizations believe that they can test the application using well-known scanners which will display all the flaws in the application.
To protect the applications from external and internal attackers one has to know all the bits and pieces that make the web application. The issue is that attacker has to know only one way to break into the application and developer (or a systems administrator) has to know all of the possible exploits in order to prevent this from happening. Because of that, it is really difficult to have a bulletproof secured web application, and in most of the cases, the web application is vulnerable to something. This is regularly exploited by cyber criminals and casual hackers, and it can be minimized by correct planning, development, web application testing and configuration.
The web application penetration testing course covers the fundamentals of the industry-recognized OWASP Top Ten – to quote OWASP: “the ten most critical web application security risks”. This course will give the participants an in-depth understanding of security concepts and web application hands-on testing methodology.
After this course, the participant will be able to understand and identify OWASP top 10 vulnerabilities and to incorporate that knowledge in web application protection scheme.
- Introduction and Information Gathering
- Configuration, Identity, and Authentication Testing
- Injection Attacks
- Session Hijacking
- Cross-Site Request Forgery, Logic Flaws, and Advanced Tools
- OWASP Top 10 Vulnerabilities
- Vulnerability Assessment tools and techniques
- Report Writing
This will be four days course. The training will be provided at different venues all over the country.
Course Prerequisites and Requirements:
The participant should have knowledge of the Web Application Development and basic knowledge about the Linux commands.
The participant is required to have laptops with cross virtualization application (Virtual Box or Vmware) and Kali Linux installed.
- The Laptop should have minimum 4GB RAM
- The Laptop should have minimum 50GB free hard drive space