<p><p>

APPLICATION SECURITY PENETRATION TESTING(WEB APPLICAITON HACKING )Here is the content of the Application Security Penetration Testing  course (AppSec). AppSec is designed for the job seekers who has interested in getting into information security domain. AppSec is the best course to get job faster. And for those who want to switch their domain to information security without losing the experience this is the best course. This covers basics to advanced level. We designed our course as per industry requirements and standards (OWASP), the content we cover listed below</p>
<p>“Sec_rity is incomplete without “U” “</p>

APPLICATION SECURITY PENETRATION TESTING
(WEB APPLICAITON HACKING )

Here is the content of the Application Security Penetration Testing  course (AppSec). AppSec is designed for the job seekers who has interested in getting into information security domain. AppSec is the best course to get job faster. And for those who want to switch their domain to information security without losing the experience this is the best course. This covers basics to advanced level. We designed our course as per industry requirements and standards (OWASP), the content we cover listed below

“Sec_rity is incomplete without “U” “

PREQUISITES FOR GETTING IN TO HACKING
Note: Trainer will be teaching pre-requisites as well so anyone can learn this course

Networking Basics

IP addressing, Routing, Network Configurations

OSI 7 Layer Model

Protocols: TCP, UDP, ICMP, Ports, DNS, DHCP, SMTP, POP3, IMAP, HTTP, HTTPS, FTP

Analyzing Network Protocols with Wireshark Tool

Operating System 

Kali Linux OS installation and commands

Virtual machines- VMWare/Virtual Box Basics

Web/Database Technologies Basics 

HTML, HTML5, JavaScript, MySQL

Web Application Architectures 

Cryptography Concepts 

Encoding, Encryption

Symmetric Encryption, Asymmetric Encryption

Hashing, Digital Signatures, Public Key Infrastructure (PKI )

Security Testing Terminologies an Concepts 

Black Box, Grey Box and White Box

Static Analysis Security Testing (SAST) and Dynamic Analysis Security Testing (DAST )

Vulnerability Assessment (VA) and Penetration Testing (PT) 

SDLC and Secure SDLC

OWASP Top 10 -2017 Attacks

A1-INJECTION
A2-BROKEN AUTHENTICATION
A3-SENSITIVE DATA EXPOSURE
A4-XML EXTERNAL ENTITIES ( XXE)
A5-BROKEN ACCESS CONTROLS 
A6-SECURITY MISCONFIGURATION
A7-CROSS SITE SCRIPTING (XSS)
A8-INSECURE DESERIALIZATION
A9-USING COMPONENTS WITH KNOWN VULNERABILITIES
A10-INSUFFIENT LOGGING AND MONITORING

1. Information Gathering

Conduct Search Engine Discovery and Reconnaissance for Information Leakage

Port scanning

Fingerprint Web Server

Review Web server Meta files for Information Leakage

Enumerate Applications on Web server

Review Web page Comments and Meta data for Information Leakage

Identify application entry points

Fingerprint Web Application Framework

Fingerprint Web Application

2. Configuration and Deployment Management Testing

Test Application Platform Configuration

Test File Extensions Handling for Sensitive Information

Review Old, Backup and Unreferenced Files for Sensitive Information

Enumerate Infrastructure and Application Admin Interfaces

HTTP Methods

HTTP Strict Transport Security

Test RIA cross domain policy

3. Identity Management Testing

Test Role Definitions

Test User Registration Process

Test Account Provisioning Process

Testing for Account Enumeration and Guessable User Account

Testing for Weak or unenforced username policy

4. Authentication Testing

Testing for Credentials Transported over an Encrypted Channel

Testing for default credentials

Testing for Weak lock out mechanism

Testing for bypassing authentication schema

Test remember password functionality

Testing for Browser cache weakness

Testing for Weak password policy

Testing for weak password change or reset functionalities

Testing for Weaker authentication in alternative channel

5.   Authorization Testing

Directory traversal/file inclusion attack

Bypassing authorization schema

Privilege Escalation

Insecure Direct Object Reference

6. Session Management Testing

Testing for Bypassing Session Management Schema

Testing for Cookies Security attributes

Testing for Session Fixation Vulnerability

Testing for Exposed Session Variables

Testing for logout functionality

Test Session Timeout

Testing for Session puzzling

7.   Input Validation Testing

HTTP Verb Tampering

HTTP Parameter pollution 

XML Injection 

SQL Injection

XPath Injection 

Local File Inclusion

Remote File Inclusion

Command Injection attack

Reflected Cross Site Scripting

Stored Cross Site Scripting

HTTP Splitting/Smuggling 

8. Cryptography Attacks

Weak SSL/TLS Ciphers, Insufficient Transport Layer Protection

Collision Attack

POODLE Attack

Heart-bleed Attack

Sensitive information sent via unencrypted channels

9. Business Logic Testing

Test Business Logic Data Validation

Test Ability to Forge Requests

Test Integrity Checks

Test for Process Timing

Test Number of Times a Function Can Be Used Limits

Testing for the Circumvention of Work Flows

Upload of Unexpected File Types

Upload of Malicious Files

10. Client Side Testing

DOM based Cross Site Scripting

HTML Injection

Client Side URL Redirect

Cross Site Flashing

Click jacking

Test Local Storage

11. Automated Vulnerability Scanning Tools

         Commercial Scanners

                  Nessus web vulnerability scanner

                  Acunetix WVS – Recorded Session

                  BurpSuite Professional Scanner

                  Fortify Web Inspect Scanner

         Open Source/ free Scanners

                  Nikto ,UniScan , WPScan, Joomscan

12. Reporting

Various Tool Reports and Manual Reporting

Risk Analysis, CVSS 3.0 score system

13. Mobile Application Penetration testing

Android reverse engineering

Penetration Testing mobile application

14. Web Services Security Testing Basics

SOAP Application Testing

Rest Application Testing


[/av_textblock]

[/av_two_third]