Certified Secure Web Application Engineer
Key Data
Certified Secure Web Application Engineer Course Description
Course Name: Certified Secure Web Application Engineer
Duration: 4 days
Language: English
Format:
Prerequisites:
Student Materials:
Attend live classes from anywhere in the world!
• Live presentations with powerful functionality that delivers easy viewing of slides and other documents, shared Internet access, a virtual whiteboard, and a media center, all through an easy-to-use toolbar.
Course Overview:
DETAILED HANDS-ON LABORATORY SCENARIOS
Lab 1 – Getting Set Up
Exercise 1 – Naming and subnet assignments
Exercise 2 – Discovering your class share
Exercise 3 – VM Image Preparation
Exercise 4 – Discovering the Student Materials
Exercise 5 – PDF Penetration Testing Methodology review
Lab 2 – Information Gathering
Exercise 1 – Google Queries
Exercise 2 – Footprinting Tools
Exercise 3 – Getting everything you need with Maltego
Exercise 4 – Using Firefox for Pen Testing
Lab 3 – Detecting Live Systems
Exercise 1 – Look@LAN
Exercise 2 – Zenmap
Exercise 3 – Zenmap in BackTrack 5
Exercise 4 – NMAP Command Line
Exercise 5 – Hping2
Exercise 6 – Unicornscan
Lab 4 – Reconnaissance
Exercise 1 – Banner Grabbing
Exercise 2 – Zone Transfers
Exercise 3 – SNMP Enumeration
Exercise 4 – LDAP Enumeration
Exercise 5 – Null Sessions
Exercise 6 – SMB Enumeration
Exercise 7 – SMTP Enumeration
Lab 5 – Hacking Web Applications
Exercise 1 – Access control flaws – Broken Access control
Exercise 2 – CSRF in .NET Framework
Exercise 3 – Improper Error Handling
Exercise 4 – Race conditions
Exercise 5 – Stack traces
Exercise 6 – Input Manipulation
Exercise 7 – Shoveling a Shell
Lab 6 – HP Test Fire demo http://zero.webappsecurity.com
Lab 7 – Doing a Scan on a WebService
Lab 8 – Vulnerability Software Scanning
APPENDIX
Lab 1 – CSRF in Java
Exercise 1 – Hacme Bank – Horizontal Privilege Escalation
Exercise 2 – Hacme Bank – Vertical Privilege Escalation
Exercise 3 – Hacme Bank – Cross Site Scripting
Lab 2 – Database Hacking
Exercise 1 – Hacme Bank – Login Bypass
Exercise 2 – Hacme Bank – Verbose Table Modification
Exercise 3 – Hacme Books – Denial of Service
Exercise 4 – Hacme Books – Data Tampering
Lab 3 – Linux Fundamentals
Exercise 1 – ifconfig
Exercise 2 – Mounting a USB Thumb Drive
Exercise 3 – Mount a Windows partition
Exercise 4 – VNC Server
Exercise 5 – Preinstalled tools in BackTrack 5
Executive Summary
Lab 4 – Web Application Assessment Details
http://demo.testfire.net/admin/
Vulnerability Recommendation
Lab 5 – Secure Code Review





