Web Application Vulnerability Assessment and Penetration Testing

Makati, Philippines

Web Application Vulnerability Assessment and Penetration Testing teaches you the vulnerabilities that are seen frequently in web applications and trains you extensively on manual testing of its components for eliminating threats. Objectives

At the end of the program, the students will be able to understand web servers, web applications, web application threats and vulnerabilities. The students will be able to carry out Vulnerability Assessment and Penetration Testing for Web Applications and suggest countermeasures.
Duration
3 days

Course outline

I. Introduction to Web Applications and Architecture
1. What is web application?
• Introduction
• Components of a web application
• Basic Architecture

2. HTML overview
• HTML Intro
• HTML Syntax
• Sample HTML page

3. Introduction to J2EE
• J2EE Architecture
• JSP Syntax
• JSP page on a Tomcat server
• Intro to Ejb, jdbc and Servlets

4. Introduction to ASP.Net
• Dot Net Framework
• C#, ASP.Net Language
• Ado.Net overview
• Sample Asp.Net page

5. Introduction to AJAX
• Ajax overview
• Ajax syntax
• Using Ajax

6. Overview of SOAP, XML and Web services
• SOAP overview
• XML introduction
• XML page along with DTD

7. Overview of web services
• Interoperability of applications using web services

8. Introduction to PHP
• PHP overview
• PHP language syntax

9. Overview of JSON
• Overview of JSON
• Web application architecture
• N-tier Architecture
• 3-tier Architecture
• Sample J2EE Application Architecture
• Sample Dot Net Application Architecture

10. Common Web 2.0 Applications
• Why people prefer open source
• Free vs. Commercial

11. Web Application Threats
• XSS
• SQL Injection
• Remote code execution
• URL encoding
• Domain privacy and security
• Footprinting Domain details
• Technicalinfo.net
• Netcraft.com

12. Authentication Brute force
• Htaccess used in Linux
• Breaking Basic Authentication with Brutus

13. Cookie / session security
• Why cookies are used
• Session management
• Cookie stealing

14. Buffer overflow attacks: In-depth
• Understanding memory
• Code layout and execution
• How Buffer overflows affect Web servers
• Stack based buffer overflow

II. Web Application Attacks

1. Enterprise Application Patterns to
16. Secure coding principles for Web applications

III. Vulnerability Assessment and Penetration Testing

1. OWASP Introduction to
13. Legalities

* This is only a partial course outline, for complete details, please contact the undersigned.

REGISTER NOW

Limited Seats Only!!
________________________________________
For reservation / inquiry please call us
Tel. 840.2612
Fax. 8938527
_____________________________________________
Look for Jud
Or text / call 0926.1069134
judy@bitshieldsecurity.com

Training Package:s
Training Materials
Certificate of Completion
Meals (Lunch and AM/PM Snacks)

Duration : 3 Days
Time : 9:00 am to 5:00 pm
Venue : TBA

Payment Details:

Bank Deposit: Banco de Oro – Reposo Branch
Account Name:Bitshield Security Consulting, Inc.
Account No. 417800-9134

Please fax deposit slip at 893 8527 or email scanned copy at judy@bitshieldsecurity.com
If you have other concerns, please do not hesitate to contact us and we will be glad to assist you.
Thank you very much and we are looking forward to have you as one of our attendees in the future.

Truly yours,
Judy Ann Raon | Sales Officer for Training
BITSHIELD SECURITY CONSULTING, INC.
Tel: (+632) 840-2612
Fax: (+632) 893-8527
Mobile: +63926-1069134
Email: judy@bitshieldsecurity.com
URL: www.bitshieldsecurity.com

“Protecting your information assets is our business”

Attendance cost: Contact us

Event organizer: Judy Ann

Register for the Web Application Vulnerability Assessment and Penetration Testing