Defending Web Applications Security Essentials (OWASP TOP 10) (5 Days)

Web Basics and Authentication Security
  • HTTP basics
  • Overview of web technologies
  • Web application architecture
  • Recent attack trends
  • Authentication vulnerabilities and defense
  • Authorization vulnerabilities and defense
Web Application Common Vulnerabilities and Mitigations
  • SSL vulnerabilities and testing
  • Proper encryption use in web applications
  • Session vulnerabilities and testing
  • Cross-site request forgery
  • Business logic flaws
  • Concurrency
  • Input-related flaws and related defenses
  • SQL injection vulnerabilities, testing, and defense
Proactive Defense and Operation Security
  • Cross-site scripting vulnerability and defenses
  • Web environment configuration security
  • Intrusion detection in web applications
  • Incident handling
  • Honeytoken
AJAX and Web Services Security
  • Web services overview
  • Security in parsing of XML
  • XML security
  • AJAX technologies overview
  • AJAX attack trends and common attacks
  • AJAX defense
Cutting-Edge Web Security
  • Clickjacking
  • DNS rebinding
  • Flash security
  • Java applet security
  • Single-sign-on solution and security
  • IPv6 impact on web security
Capture and Defend the Flag Exercise
  • Mitigation of server configuration errors
  • Discovering and mitigating coding problems
  • Testing business logic issues and fixing problems
  • Web services testing and security problem mitigation
  • Reinforcement through exercises of key topics discussed throughout the course

Penetration Testing and Ethical Hacking with Kali Linux (3 Days)

Installing and Configuring Kali Linux

Pre-penetration Testing Checklist

Information Gathering

External Pen-testing

Website Penetration Testing

Internal Network Penetration Testing

Network Sniffing

Exploitation

Social Engineering

Wi-Fi Penetration Testing

Brute Force Attack Testing

Advanced Penetration Testing

Certified Ethical Hacker (CEH) v9.0 (5 Days)

Introduction to Ethical Hacking

Footprinting and reconnaissance

Scanning Networks

Enumeration

System Networks

Malware Threats

Sniffing

Social Engineering

Denial-of-Service

Session Hacking

Hacking Webservers

Hacking Web Applications

SQL Injection

Hacking Wireless Networks

Hacking Mobile Platforms

Evading IDS, Firewalls, and Honeypots

Cloud Computing

Cryptography