
Web Application Security

Web Application Security is an entirely practice-oriented course aimed at:
► Identifying vulnerabilities,
► Assessing the potential damage to a project,
► Fixing the vulnerabilities using different methods

We do not aim to make you a "one-button hacker"; instead we do our best to give you the skills and knowledge needed to conduct real research and penetration testing.

Here is what you will learn during the course:
► Exploit bugs from the OWASP Top 10;
► Find bugs using white-box and black-box testing;
► Analyze code security correctly and efficiently;
► Integrate secure development practices.

Who would find the course useful:
Web developers. The course helps to understand the root causes of the bugs that appear in code;
Future pentesters. The course helps to understand the main principles and skills of web application audits and gain real-life experience in them;
DevOps engineers. The course helps them build secure infrastructure and automate the identification and prediction of vulnerabilities;
Employers. The course helps them increase the safety of the company's commercial data.

Classes will take place every Tuesday and Thursday at 7 PM, online.

Date

18th of February

Duration

1 month

Available places

30 places

Price (without VAT)

6500 UAH

Course Schedule:

Module 1 Injection
  • Basic understanding of the attack vector
  • SQL injection / Blind SQL injection
  • Overview of the sqlmap tool
  • OS command injection
  • HTML injection
  • Other injection types (NoSQL injection, LDAP injection, template injection)
  • Means of protection
Module 2 Broken Authentication
  • Basic understanding of the attack vector
  • Gathering information about logins, password lengths and password patterns
  • Simple brute forcing of logins and/or passwords
  • Attacks on one-time passwords
  • Means of protection against brute force
  • Means of bypassing anti-brute-force protection
  • Session hijacking
  • Two-factor authentication: bypass vectors
  • Offline password cracking. Rainbow tables. Building a homemade password-cracking rig
  • Errors in the implementation of password cracking
Module 3 Sensitive Data Exposure
  • General understanding of the vulnerability
  • Information disclosure via error messages
  • Information disclosure via comments, robots.txt, sitemap.xml
  • Information and source code disclosure via system backups and publicly available backups
  • Elasticsearch: what it is and why so many potential data breaches are related to it
  • Information disclosure via version control systems
  • Information disclosure via APIs (front-end frameworks)
Module 4 XML External Entities (XXE)
  • General understanding of the vulnerability
  • Retrieving the content of arbitrary files
  • SSRF attack via XXE
  • XXE attack using an external malicious DTD
  • XXE via file upload
  • Means of protection
Module 5 Broken Access Control
  • General understanding of the vulnerability
  • Unprotected admin panel. Basics of the gobuster tool
  • Identifying the user's role via request parameters or cookies
  • Changing the user role via the profile
  • Insecure direct object references (IDOR)
  • Referrer-dependent access rights
  • How to test your product yourself using Burp Suite
Module 6 Security Misconfiguration
  • General understanding of the vulnerability
  • Default logins and passwords
  • Directory listing enabled
  • Publicly available phpinfo
  • Configuration mode turned on, overly detailed error reports
  • What are the threats of revealing software versions. Wappalyzer plugin
  • Means of protection
Module 7 Cross-Site Scripting (XSS)
  • General understanding of the vulnerability
  • Reflected XSS
  • Stored XSS
  • DOM XSS
  • Blind XSS. XSS Hunter review
  • Examples of what can be done using XSS exploits. Demonstration of the BeEF framework
  • Means of protection
Module 8 Insecure Deserialization
  • General understanding of the vulnerability
  • Modifying serialised objects
  • Types of data modifications
  • PHP object injection
  • A real case: a vulnerability reported on HackerOne
Module 10 Insufficient Logging & Monitoring
  • Problem statement, or "Why can an attack go unnoticed for years?"
  • Classification of "protective" software
  • Web Application Firewall (WAF)
  • Intrusion detection tools (OSSEC)
  • Means of protection against intrusion (OpenVAS)
  • Security isn't a product, it's a process
  • How to store logs correctly in distributed systems (Kibana)
  • Commercial means of protection

Register as a participant of the course by submitting the form.