WEB APPLICATION SECURITY TESTING

Hands-On | 42+ Hours, 7 Days | Online LAB Access

Hack2Secure’s ‘Web Application Security Defender’ Exam Attempt

Aligned with OWASP Testing Guide & Practices

Hack2Secure’s Workshop on Web Application Security Testing provides hands-on exposure, using both real-time scenarios and a simulated lab environment, to the tools and techniques required for different web security risks and attack vectors.

Scoped around the OWASP Security Testing Guide, these intensive practical sessions provide a deep dive into the practical tips and tricks required to evaluate, test and assess the security of web applications. The workshop also covers the OWASP Top 10 web security risks from the perspective of analysis, testing and defense best practices.

What you will Receive?

  • Instructor Led Classroom Sessions
  • Soft Deliverables
    • Program Slides & Lab Guides
    • Reference Documents
  • Online Lab Access [30 Days]
  • WASD Exam Voucher
    • 1 Attempt, 6 months Validity
    • Globally Proctored and Delivered by Pearson VUE
  • Training Completion Certificate
  • Access to Self Paced Online Sessions

What NOT to Expect?

  • Deep dive into basic Information Security concepts, apart from the scoped curriculum
  • Deep dive into any web programming language or technology
  • Any distribution of licenses or keys for commercial security tools
  • Job Opportunity (But, it will be easy to find with this curriculum and skill-set)
  • Travel, Accommodation

Requirements/Pre-requisites

  • Basic knowledge of UNIX & WINDOWS Operating System and Command line operations
  • Working Knowledge of Web related Concepts, basic functionality of Protocols especially HTTP
  • Basic understanding of web technologies and programming languages

Laptop Required

Hack2Secure will provide access to its cloud-based lab environment, including access to a vulnerable web server and the required security tools. To access it, students are required to have a laptop with a sufficient configuration and sufficient Internet speed.

  • Students need to bring their Laptop to access Lab environment

Min. Laptop Configuration

  • Operating System: Windows 7, 8, 8.1, 10
  • RAM: Min. 4 GB (Recommended)
  • Networking: LAN Port

Web Security Testing Workshop Info

  • OWASP Web Testing Framework
  • Web Reconnaissance methods
  • SSL/TLS Protocol
  • Web Enumeration
  • Scanning & Spidering
  • Explore A.A.A. Concerns
  • Session Management Attacks
  • Injection Attacks
  • Cross Site Scripting
  • Cross Site Request Forgery
  • Nmap, Nikto, Recon-Ng
  • Burp Suite, ZAP

Security Team
  • Security Engineers & Testers
  • Auditors, Managers, Consultants
R&D Team
  • Architects, Developers, Analyst
  • Software Testing Team (QA)
  • Consultants, Research Engineers
Students
  • Looking to pursue a career in Web Application Security Assessment & Testing

Workshop Modules

Building the Base

  • Web Security: Intro
  • Web Proxy Servers
  • HTTP Protocol: Analysis
  • HTTPS Protocol: Testing
  • OWASP: Intro

Web Reconnaissance

  • DNS Protocol: Analysis
  • Open Source Intelligence
  • Google Hacking
  • Website Mirroring
  • Recon-Ng, TheHarvester

Explore Entry Points

  • Web Scanning: Nmap, Nikto
  • Fingerprinting, Spidering
  • Fuzzing
  • Directory Browsing

A.A.A. Concerns

  • Authentication: Schemes & Attacks
  • Authorization: Access Control Types
  • Priv. Escalation, Directory Traversal
  • Accountability: Secure Practices

Session Management

  • Sessions & Tracking Methods
  • Attacks on Session
  • Securing Cookies & Headers
  • Cross Site Request Forgery

Injection Attacks

  • SQL Query: Primer
  • SQLi: About, Types & Scenarios
  • Command Injection
  • Local/Remote File Injection

Cross Site Scripting

  • JavaScript: Primer
  • Same Origin Policy
  • XSS: About, Types & Scenarios
  • HTML Injection

Web Services & APIs

  • Securing Web Services
  • JSON & AJAX Security
  • Attacks with SOAP Queries

Buffer Overflow Attacks

  • Heap & Stack Overflow
  • Format String Vulnerabilities

Web Filters & Firewalls

  • Web Application Filtering
  • Web Application Firewalls (WAF)

Python for WAST

  • Python: Primer
  • Python to craft HTTP Packets
  • Scapy: Usage & Analysis

H2S Web Security Testing Workshop [Reference Guide]

Web Application Security Defender

Evaluate your Web Security Testing Knowledge & Skills
