
Ultimate Web Hacking


  • secwest.net Vancouver Canada

Description

With every application that an organization brings online or e-business that goes live, malicious hackers are waiting to attack. This class provides security professionals with the knowledge and tools to recognize software vulnerabilities, develop countermeasures, and perform ongoing assessments of these internet-facing applications. In a hands-on setting, Ultimate Web Hacking instructors offer demonstrations on how attackers can access corporate information with little more than a web browser.

In this class, students will learn strategic, tactical and operational countermeasures that prevent hackers from exploiting web-based applications, along with the security considerations unique to web applications. They will also gain thorough knowledge of popular web application and infrastructure vulnerabilities, including SQL injection, cross-site scripting, authentication/authorization issues and session management weaknesses.

Who Should Take This Class

System and network administrators, security personnel, auditors, consultants, and/or web designers concerned with web security should take this course. Basic UNIX and Windows NT competency is required for the course to be fully beneficial.

Exercises

All topics are supported by hands-on exercises specifically designed to increase knowledge retention. Classroom exercises provide the basic hands-on experience needed to secure web applications and internet-facing software.

Course Materials

  • Student manual

  • Class handouts

  • Foundstone-authored book

  • Foundstone t-shirt

  • Free Tools CD with course tools and scripts

Topics

  • Introduction to Web applications

  • Profiling the environment

  • Finding vulnerabilities in configuration management

  • Parameter manipulation

  • Breaking authentication and user management

  • Breaking session management

  • Cross site scripting

  • Cross site request forgery

  • SQL Injection

  • File system traversal

  • Other grab bag topics

Prerequisite Knowledge

  • Working knowledge of Windows or Unix Operating Systems and command-line tools

  • Knowledge of HTTP, SSL and related protocols

  • Working knowledge of shell scripts, SQL, Perl and JavaScript

Laptop Requirements

  • Processor 1 GHz or higher

  • 512 MB RAM minimum

  • 20 GB Hard Drive space

  • 10/100/1000 NIC

  • DVD Reader

  • SVGA 1024x768 recommended

  • Keyboard & mouse or other pointing device

  • Operating System – Microsoft Windows 2000 or Windows XP

  • VMWare Player or Workstation pre-installed

 

Instructor: Yen-Ming Chen
