Click Here to Fill the Enquiry Form
Course No: IS0032
This is a certification course designed with intention of providing in depth skills in testing Web Application Security. This certification focuses at delivering hands-on comprehensive practical training on real time Web App Security scenarios. Once a candidate does this certification, we certify him/her to be a Expert in Web Application Security Testing.
This course will be useful for almost computer engineers having basic knowledge of will anyway keep them aware with secure strategy irrespective of being in testing or in development. Specifically this program will be helpful to following genre of people:
- Web Administrators
- Penetration Testers
- Web Application Professionals
- Aspirant Engineering Bachelors
We have some pre-requisite for this course. These are not mandatory but having them will certainly be a benefit for you.
- Basic knowledge of Web Application design and structure
Introduction To Web App Security
- Web application Functionality
- Benefits of Web Applications
- Causes of Web Application Vulnerabilities
Web App Technologies
- HTTP Requests, Response, Methods.
- HTTP Headers
- Cookies
- HTTPS
- Encodings Techniques
- Overview of Javascript
- Json Requests
Setting up the Lab
- Installing Auto-Scanners
- Setting up the Intermediate Proxy
- Scanner Configurations
- Advance proxy Configurations
- Tool availability
- Easify your work (Addons : Wapplyzer, Cookie Manager, Foxy Proxy, Tamper Data, Live HTTP Headers, Firebug)
Mapping the Target
- Information Gathering
- Reconnaissance
- Identifying Application Structure
- Spidering
Burp Suite Megaprimer
- Spider
- Repeater
- Intruder
- Sequencer
- Comparer
- Decoder
Overview of OWASP Top 10
Injection Attacks:
- SQL Injection
- Command Injection
- Header Injection (CRLF)
HTML Injection (Cross Site Scripting)
- Stored XSS
- Reflected XSS
- DOM Based XSS
Cross Site Request Forgery
- CSRF Token By-pass
- Countermeasures
- Predictable Tokens
Abuse of Functionality
- Malicious File Upload
- Remote File Inclusion
- HTTP Parameter Pollution
Authorization Issues
- Session Related Vulnerabilities
- Forced Browsing
- Testing Different User Roles
- Insecure Direct Object Reference
- Privilege Escalation
Authentication Issues
- Brute Forcing
- Authentication Cookie Spoof
- Password Policy Checks
- Username Enumeration
- Forgot Password Functionality
Logic Testing
- Password Reset Vulnerability
- Banking Application Vulnerabilities
- E-commerce / Payment gateway Vulnerabilities
- Validation Bypass
Miscellaneous Attacks
- Denial Of Service
- Server Mis configuration
- Attacks on CAPTCHA
- .Information Disclosure issues
Web Service Testing
SSL Related Vulnerabilities
Web Application Firewalls
Vulnerability Reporting
Regular
$250
₹ 13,500 - Slides Booklet
- Tools/SW
- Lab Booklet with Code Scripts
- Class Room Demo
- Hands On Training
- Training Videos
- Cloud Lab Access
- Lifetime Support
- Deliverable On Site
- 30 Hours Class
$ 250 ₹ 13,500 DLP
$175
₹ 9,500 - Slides Booklet
- Tools/SW
- Lab Booklet with Code Scripts
- Class Room Demo
- Hands On Training
- Training Videos
- Cloud Lab Access
- Lifetime Support
- Deliverable Via Post
- 3 Months Access
$ 175 ₹ 9,500 Online
$125
₹ 6,700 - Slides Booklet
- Tools/SW
- Lab Booklet with Code Scripts
- Class Room Demo
- Hands On Training
- Training Videos
- Cloud Lab Access
- Lifetime Support
- Deliverable Via Downloads
- 3 Months Access
$ 125 ₹ 6,700 Virtual Class
$200
₹ 10,800 - Slides Booklet
- Tools/SW
- Lab Booklet with Code Scripts
- Class Room Demo
- Hands On Training
- Training Videos
- Cloud Lab Access
- Lifetime Support
- Deliverable Via Downloads
- 30 Hours Virtual Class
$ 200 ₹ 10,800
Have a query?
You got any doubt, question, suggestion in mind? Contact us.
One of our team member will get back to you asap.
Would like to tell the world about this course? Why not share it?
