SANS SEC642: Advanced Web App Penetration Testing and Ethical Hacking (review) 1 Comment Posted by ChrisJohnRiley on December 2, 2012 After taking a year off from SANS London ( a trip to Colombia was too much to resist last year ), I flew back over to sunny London ( ha ) to attend the new SEC642: Advanced Web App Penetration Testing class with.
Web Application Penetration Testing In this course, Cybrary subject matter expert, Raymond Evans, takes you on a wild and fascinating journey into the cyber security discipline of web application pentesting. This is a very hands-on and somewhat advanced course that will require that you set up your own pentesting environment. You’re also expected to have a basic understanding of Linux and be comfortable working with the command line. In addition, you should have familiarity with virtualized environments such as VMWare or VirtualBox and also understand how to configure a browser’s proxy settings. But don’t let these requirements deter you. Rolling up your sleeves and getting down and dirty with the tools of the trade will make you a better web application pentester! Course Outline: • HTTP and HTTPS basics – these protocols are the foundation of communication for web apps and understanding the various requests, responses, and status codes are fundamental to the course.
We also examine packet structure and how packets can be manipulated by attackers. • Why sites get hacked – sites get hack for a number of reasons. The main ones are because websites provide a large attack surface and the technologies that run on them are subject to common vulnerabilities such as SQLI, XSS, LFI, and RFI. These attack vectors are discussed in greater detail later in the course. • Hacker methodology – the steps followed by an attacker which consist of footprinting, scanning, enumeration, gaining access, maintaining access, and covering one’s tracks. A host of essential tools are presented throughout the course that should be in every pentester’s toolbox.
Manual and automated approaches are presented for each type of process. • SQLI – structured query language injection is a common exploit that takes advantage of improperly-filtered user input. Escape characters such as single and double quotes can then be inserted or “injected” into URL query strings to form basic SQL queries. Such queries can be used to dump a database, modify or delete individual tables or even the entire database! • XSS – cross site scripting takes advantage of a client-side vulnerability that allows an attacker to inject code that can execute malicious scripts. Like SQLI, it exploits improperly-filtered user input. The malicious scripts can hijack session cookies and tokens as well as steal other sensitive information from a compromised site.
• LFI and RFI – local file inclusion and remote file inclusion respectively, are attacks where malicious files are installed on a vulnerable server. One (LFI) performs the exploit locally on the host and the other (RFI) uploads them remotely. Common exploits of this type are backdoors, key loggers, malware distribution, and bots. • Reporting best practices – this is what sets straight-up hackers apart from the professionals.
Presenting well-written testing plans up front to a client.
1 The most trusted source for information security training, certification, and research. INFORMATION SECURITY TRAINING 2018 Asia-Pacific COURSE CATALOG 80+ Certified instructors 200+ Live events globally, plus multiple online options Best training I ve attended. Great material that you can apply immediately. 4 SANS Training Formats Whether you choose to attend a training class live or online, the entire SANS team is dedicated to ensuring your training experience exceeds expectations. Live Classroom Instruction Our most recommended format, live SANS training events feature SANS s top instructors teaching multiple courses at a single time and location.
This allows for: Focused, immersive learning without the distractions of your office environment Direct access to SANS Certified Instructors Interacting with and learning from other professionals Attending events, NetWars tournaments, vendor presentations, industry receptions, and many other activities Summits SANS Summits focus one or two days on a single topic of particular interest to the community. Speakers and talks are curated to ensure the greatest applicability to participants. Quicken home and business best buy.
Community SANS Courses Same SANS courses, courseware, and labs are taught by up-andcoming instructors in a regional area. Smaller classes allow for more extensive instructor interaction. No need to travel; commute each day to a nearby location.