Application Security -Penetration Testing

( Web Application Hacking )

Here is the content of the Application Security Penetration Testing (AppSec) course. AppSec is designed for job seekers who have interested in getting into the information security domain. AppSec is the best course to get the job faster. And for those who want to switch their domain to information security without losing the experience, this is the best course. This covers basics to advanced levels. We designed our course as per industry requirements and standards, the content we cover listed below

Sec_rity is incomplete without “U”

Download the Syllabus Here

  • Mode of Training: Live Instructor-Led Online training (Through Gotomeeting.com)
  • Course Duration: ~40 Hours ( 5 weeks, Monday – Friday)
  • Session Duration: 1:30 hour
  • Trainer Profile: https://www.linkedin.com/in/gollevenkatesh/

Course Benefits

  • Training provided by our Real-time working employee
  • Our Expert trainer has top cybersecurity certifications – CEH, OSCP, and CISSP(Certified Information Systems Security Professional)
  • Course material, Slides will be provided
  • Sample Resumes and resume templates will be provided
  • Interview Q&A

Course Syllabus

1.   Hacking Pre-requisites

Note: Trainer will be teaching all required pre-requisites so that anyone who has a passion for cybersecurity can learn

  • Networking Basics
    • IP addressing, Routing, Network Configurations
    • OSI 7 Layer Model
    • Protocols, TCP, UDP, ICMP, Ports, DNS, DHCP, SMTP, POP3, IMAP, HTTP, HTTPS, FTP
    • Analyzing Network Protocols with Wireshark Tool
  • Operating System
    • Kali Linux OS installation and commands
    • Virtual machines- VMWare/Virtual Box Basics
  • Web/Database Technologies Basics
    • HTML, HTML5, JavaScript, MySQL
    • Web Application Architectures
  • Security Testing
    • Black Box, Grey Box, and White Box
    • SAST and DAST
    • Vulnerability Assessment and Penetration Testing
    • SDLC and Secure SDLC
  • Cryptography Concepts
    • Encoding, Encryption
    • Symmetric, Asymmetric
    • Hashing, MAC, Digital Signatures, PKI

OWASP Top 10 Attacks

  • A1-Injection
  • A2-Broken Authentication
  • A3- Sensitive Data Exposure
  • A4-XML External Entities (XXE)
  • A5-Broken Access Control
  • A6- Security Misconfiguration
  • A7- Cross-Site Scripting (XSS)
  • A8-Insecure Deserialization
  • A9-Using Components with Known Vulnerabilities
  • A10-Insufficient Logging & Monitoring

2. Information Gathering

  • Conduct Search Engine Discovery and Reconnaissance for Information Leakage
  • Port scanning
  • Fingerprint Web Server
  • Review Web server Metafiles for Information Leakage
  • Enumerate Applications on Webserver
  • Review Web page Comments and Metadata for Information Leakage
  • Identify application entry points
  • Fingerprint Web Application Framework
  • Fingerprint Web Application

3. Configuration and Deployment Management Testing

  • Test Application Platform Configuration
  • Test File Extensions Handling for Sensitive Information
  • Review Old, Backup and Unreferenced Files for Sensitive Information
  • Enumerate Infrastructure and Application Admin Interfaces
  • HTTP Methods
  • HTTP Strict Transport Security
  • Test RIA cross-domain policy

4. Identity Management Testing

  • Test Role Definitions
  • Test User Registration Process
  • Test Account Provisioning Process
  • Testing for Account Enumeration and Guessable User Account
  • Testing for Weak or unenforced username policy

5. Authentication Testing

  • Testing for Credentials Transported over an Encrypted Channel
  • Testing for default credentials
  • Testing for Weak lockout mechanism
  • Testing for bypassing authentication schema
  • Test remember password functionality
  • Testing for Browser cache weakness
  • Testing for Weak password policy
  • Testing for weak password change or reset functionalities
  • Testing for Weaker authentication in alternative channel

6. Authorization Testing

  • Directory traversal/file inclusion attack
  • Bypassing authorization schema
  • Privilege Escalation
  • Insecure Direct Object Reference

7. Session Management Testing

  • Testing for Bypassing Session Management Schema
  • Testing for Cookies Security attributes
  • Testing for Session Fixation Vulnerability
  • Testing for Exposed Session Variables
  • Testing for logout functionality
  • Test Session Timeout
  • Testing for Session puzzling

8. Input Validation Testing

  • HTTP Verb Tampering
  • HTTP Parameter pollution 
  • XML Injection 
  • SQL Injection
  • XPath Injection 
  • Local File Inclusion
  • Remote File Inclusion
  • Command Injection attack
  • Reflected Cross Site Scripting
  • Stored Cross Site Scripting
  • HTTP Splitting/Smuggling 

9. Cryptography Attacks

  • Weak SSL/TLS Ciphers, Insufficient Transport Layer Protection
  • Collision Attack
  • POODLE Attack
  • Heart-bleed Attack
  • Sensitive information sent via unencrypted channels

10. Business Logic Testing

  • Test Business Logic Data Validation
  • Test Ability to Forge Requests
  • Test Integrity Checks
  • Test for Process Timing
  • Test Number of Times a Function Can Be Used Limits
  • Testing for the Circumvention of Work Flows
  • Upload of Unexpected File Types
  • Upload of Malicious Files

11. Client Side Testing

  • DOM-based Cross-Site Scripting
  • HTML Injection
  • Client-Side URL Redirect
  • Cross-Site Flashing
  • Clickjacking
  • Test Local Storage

12. Automated Vulnerability Scanning Tools

  • Commercial Tools
    • Nessus web vulnerability scanner
    • Acunetix WVS – Recorded Session
    • BurpSuite Professional Scanner
    • Fortify Web Inspect Scanner
  • Open Source/ Free Scanners
    • Nikto, UniScan, WPScan, Joomscan

13. Reporting

  • Risk Analysis, CVSS 3.0 score system
  • Various Tool Reports and Manual Reporting

14. Mobile Application Security Testing

  • Penetration Testing mobile application
  • Android reverse engineering

15. Web Services Security Testing Basics

  • SOAP Application Security Testing
  • Rest Application Security Testing
Contact Form

* Required

Thank you for your message, we will contact you as soon as possible. You can also email us on mailto:support@cybergeekforce.com for further queries