ABOUT THE COURSE

  • The best course available in the market. Compare to believe!
  • Comprehensive training on web security testing
  • 16 hours of in-classroom workshop time, exclusive of lunch/tea breaks
  • Late evening extended time provided on request
  • Focus on strong fundamentals
  • Elaborate coverage of tools and their comparison
  • Focus on web security from testing perspective
  • 15+ Hands-On Exercises
  • No assumptions about existing knowledge
  • Small batch size of 20 for more involved training.
  • Well received by testers as well as developers.

Who should take this course?

The course has been specifically designed for someone with none to basic knowledge of web security testing. Testers and Developers who want to explore web security testing from offensive perspective rather than defensive are the target audience for this workshop.

Prerequisites on Infrastructure

  • Bring your own laptop to work through our hands-on exercises.
  • You must have admin rights on the machine with permissions to configure browser settings

Pre-requisites on knowledge

  • None to basic knowledge about programming platforms/technologies

Topic Coverage 

Day 1

Day 2

1. Foundations of Web 

  • The Changing Face of the Web
  • How It Was
  • How It is Now
  • Why Web technologies became so popular
  • A high level view of Browsers, HTML, JavaScript, XML etc.

2. Foundations of Security

  • Where are the security issues in a software
  • Basics of Encoding and Encryption
  • Security Attributes with Examples – Authentication, Authorization, Confidentiality, Integrity, Non-Repudiation/Accountability, Availability
  • Understanding basic web user operations w.r.t. security attributes
  • What is the goal of security attacks
  • Why the attacks on the Web have become popular
  • All Input is Malicious
  • Change of Context – Data to Code

3. Under the Hood - Understanding HTTP

  • Introduction to HTTP
  • Introduction to Web Proxies
  • How does a Web Proxy Work
  • How to use a Web Proxy using Browser Options and Plugins
  • HTTP Request Format
  • HTTP Response Format
  • HTTP Methods
  • HTTP Status Codes
  • HTTP Headers
  • The key differences between a GET and POST
  • Converting a GET into POST and vice versa
  • HTTP is stateless
  • Session Management
  • Session Tokens versus Session
  • Cookies
  • Hidden Variables

4. Foundations of Web Security

  • Client-side restrictions – HTML / JavaScript
  • Cookies from Security Perspective
  • Encoding versus Encryption
  • Session Management from Security Perspective
  • Authentication and Authorization from Security Perspective
  • HTML Parameters from Security Perspective
  • The Misplaced Trust on Client
  • Understanding Web Architecture

5. Survey the Territory

  • Mapping an application from security perspective
  • Using Browser
  • Using Browser and Plugins
  • What are the different areas of interest

6. Top Vulnerabilities

  • Vulnerability Lists ( Focus on OWASP )
  • Injection (Focus on SQL Injection)
  • Cross-Site Scripting
  • Authentication Flaws
  • Session Management Flaws
  • Authorization Flaws
  • Cross-Site Request Forgery
  • Insecure Configuration
  • Insecure Storage
  • Insecure Transmission
  • Redirection Flaws

1. Hands-On and Brainstorming Exercises

The exercises are conducted using local vulnerable apps which have been designed and developed for the purpose.

No public website is used for the exercises, as that would break the Ethics code.

2. HTML

  • Creating Basic HTML Links
  • Creating Basic HTML Forms

3. Using Web Proxies

  • BurSuite
  • Understanding how the request is handled at various stages -> browser, TCP, web server, web framework middle layer, web server ( and then DB server, web service etc. if applicable )
  • Converting a GET into a POST request and vice versa

4. Using Browser Plugins

  • Proxy Bar, Proxy Button
  • FireBug / Web Developer
  • Tamper Data
  • HackBar
  • Groundspeed
  • Encoding and Decoding

5. Encoding and Decoding

  • URL Encoding
  • Base64 Encoding

6. Parameter Tampering

  • Hidden Variables
  • URLs
  • Form Data

7. Breaking Authentication

  • Brain-storming on various authentication flaws
  • Forgot Password Exercises

8. Breaking Access Flaws

  • Naming conventions from security perspective
  • Thinking from the development angle
  • Finding hidden directories and parameters
  • Manipulating Direct Object References

9. Breaking Session Management

  • Cookie Manipulation

10. SQL Injection

  • Understanding SQL using MySQL Database
  • Imagining SQL based on the web application context
  • String and Numeric SQL Injection
  • Understanding when to use which form
  • Understanding attack delivery for bug advocacy

11. Cross-Site Scripting ( XSS )

  • Retrieving cookies using JavaScript
  • Reflected XSS
  • Stored XSS
  • Understanding Delivery mechanism of XSS (Demonstration)
  • Relation to Social Engineering