Web Application: Attacks and Defense - Advanced Edition
Course
In Ahmedabad
Description
-
Type
Course
-
Location
Ahmedabad
-
Duration
2 Days
Facilities
Location
Start date
Start date
Reviews
Course programme
Overview:
The program focuses on web application security - the problems that occur in the design and implementation of a web programming, and how to find and fix security flaws, and provide candidates with extensive understanding of research techniques and evaluation and different types of tools to find and fix these security flaws.
Program Objective
This program is designed and developed with following objectives for security professionals:
* Web application security topics
* Web attacks increasing
* Evaluation methods
* Methods and technologies
* Web application attack vectors
* Secure coding and defense
* Many hands on challenges
Aim Audience:
* Security consultants and masters
* Web engineers
* Auditors
* Application programmers
Requirements:
Students should have the following prerequisite knowledge before attend this program:
* Students should have basic knowledge of Windows and Unix systems
* Students should have Elementary knowledge of networking
* Students should have fundamental knowledge of web applications
Topics Covered:
In this three days training program candidates will learn about:
Schedule: Day-1
Module-1 Web Security Fundamentals and Concepts
* Web security trends and opportunities
* The development and security issues
* Learn about fundamentals of security threats
* Understand Security players and models
* Development of Web Applications
* Web application security concerns
* Q & A
Module-2 Learn about Methods, components and protocols
* Understand Web application assessment methods
* Understand Web Application Component
* Programming Languages
* Understand HTTP Protocol
* Laboratory
Module-3 Understand about Web application deployment and security
* Deployment problems
* Learn about Web server configurations
* Loopholes as directory searching and file access
* Understand Web Server Vulnerabilities
* Footprints of Web server
* Supporting deployment
* Laboratory
Module-4 Learn about Web Application footprinting, Find and Profiling
* Footprints of web application
* Host and domain footprints
* Collecting information on major networking
* Finding web applications
* Understand Profiling web applications
* Know about Attributes & Protection
* Laboratory
Schedule: Day-2
Module-5 Understand Web application attack vectors-I
* Assets to attacks mapping
* The source code sniffing
* Error management and exception management
* Source code disclosures
* Understand Input validation
* Laboratory
Module-6 Understand Web application attack vectors-II
* SQL injection
* Malicious code injection client or server side
* File system access
* Session Hijacking
* XPATH Injection
* Database hacking
* Laboratory
Schedule: Day-3
Module-7 Defense
* Security Control
* Encoding safe
* Mod security for open source
* Content filtering
* Laboratory
Module-8 Master Laboratory and Challenges
Web Application: Attacks and Defense - Advanced Edition