I’m going to be delivering a Web Application Security training at FRHACK next September 2009! FRHACK is a highly technical, non-business conference that is going to be held at Besançon, France. The training is a two day, hands-on class where the w3af project leader will train you in the techniques and methodologies needed to discover and exploit web application vulnerabilities.
Here is some extra information regarding the training,
Training name: Discovery and exploitation of web application vulnerabilities
Overview
This training course focus is on manual and automated, discovery and exploitation of web application vulnerabilities. During this course you are going to go through a series of lectures followed by hands on practice. In each practice you will find vulnerabilities to exploit, each with a different level of complexity, which will defy your understanding of the subject. After the hands on practice, a small lecture on how the vulnerability is fixed is presented, together with common errors introduced by developers in that process.
The training will also teach you how to use the most advanced tools used by professionals in the field, like w3af (developed by the trainer), the burp suite, sqlmap and many others.
Course Structure
This is a two-day course that combines lectures with increasingly difficult hands-on exercises designed to teach the attendee different ways to discover and exploit web application vulnerabilities. All course materials, and a certificate of completion will be offered. You must provide your own laptop.
Deliverables
- Training booklet with printed slides and trainer comments
- Live CD with Web Application Security Tools
- VMware image with the training environment
- w3af T-Shirt ;)
Audience
Security consultants, system and network administrators, experienced web application developers, information security officers, government agencies.
Topics Covered
- Day One
- HTTP protocol review
- Web architecture
- HTTP headers and methods
- HTTP authentication
- HTTPS
- Session management: cookies
- Common web server misconfigurations
- Banners
- Directory Indexing
- HTTP authentication
- HTTP method restrictions
- Common development and configuration errors
- HTML comments and versioning
- File inclusions
- Backup and local database files
- Hidden HTML Fields
- Path Disclosure and directory enumeration
- Exceptions and error messages
- Types of analysis
- Static code analysis, black box testing and gray box testing:
- Definitions
- Vulnerabilities that can be detected
- Vulnerabilities that CAN’T be detected
- Web Application Vulnerabilities
- Reverse engineering of Java applets y Flash movies
- Local file read
- Local file inclusions
- Path Traversal and Null Bytes
- Remote file inclusions
- Cross Site Scripting (XSS)
- Cross Site Tracing
- Cross Site Request Forgeries / Session Riding
- HTTP Response Splitting
- Day Two
- Web Application Vulnerabilities
- Uncommon attack vectors
- LDAP Injection
- OS Commanding
- SQL Injection:
- Enumeration of tables and columns
- Execution of queries and stored procedures
- Creation of files
- Execution of OS commands
- Blind SQL Injection
- Web application privilege escalation
- Session handling
- Logical vulnerabilities
- Countermeasures
- mod_security
- Hardening for Java
- PHP hardening:
- Secure configuration parameters
- GRASP
- PHP-IDS
andres.riancho bonsai, conferences france, september, training, w3af, web
