Signup as a Tutor

As a tutor you can connect with more than a million students and grow your network.

Enquire

Submit your enquiry for Application Security Testing

Please enter valid question or comment

Please enter your name.

Please enter valid Phone Number

Please enter the Pin Code.

By submitting, you agree to our Terms of use and Privacy Policy

Connect With Gunwant

You have reached a limit!

We only allow 20 Tutor contacts under a category. Please send us an email at support@urbanpro.com for contacting more Tutors.

You Already have an UrbanPro Account

Please Login to continue

Please Enter valid Email or Phone Number

Please Enter your Password

Please Enter valid Password or OTP

Forgot Password? Resend OTP OTP Sent

Sorry, we were not able to find a user with that username and password.

We have sent you an OTP to your register email address and registered number. Please enter OTP as Password to continue

Further Information Received

Thank you for providing more information about your requirement. You will hear back soon from the trainer

Share

Application Security Testing

Application Security Testing

Online Instructor led Course

Platform: Google Hangout, Skype, Online Conferences

15,000

1 Reviews
0 Interested

About the Course


Application Security training program is designed to make participants aware of common web application vulnerabilities and the impact they can have on businesses. The course also incorporates effective defense mechanisms and the use of Best Practices to mitigate the risk of attacks. The course focuses on the latest hacking attacks targeted to different platforms & networks and covers countermeasures to secure IT infrastructure. The course focuses on OWASP Top 10 and SANS Top 25 vulnerabilities and risks.


Topics Covered


Topic 1:     Introduction
    •    Welcome
    •    Motivation
    •    Course Objectives
    •    Course Overview
    •    The Software Development Lifecycle (SDLC)
    •    Security in the SDLC
    •    The Importance of Security Requirements
    •    Application Security in Context
    •    Lab Exercise: Requiring Security
    •    Quiz



Topic 2:     A Taxonomy of Web Application Vulnerabilities
    •    Debug Info in Prod
    •    Denial of Service
    •    Failure to Respond to Attack
    •    Failure to Verify Integrity
    •    HTTP
    •    Information Leakage
    •    Injection
    •    Insecure Coding
    •    Insecure I/O
    •    Insecure Platform
    •    Intentional
    •    Poor Access Control
    •    Poor Certificate Management
    •    Poor Input Validation
    •    Poor Password Management
    •    Poor Session Management
    •    Race Condition
    •    Replay
    •    Sensitive Info Exposure
    •    Trusting DNS
    •    Lab Exercise: The OWASP Top 10
    •    Quiz



Topic 3:     Using a Web Proxy
    •    Viewing Web Page Source
    •    Example: Tamper Data
    •    Violating Designer Assumptions
    •    Errors vs. Unexpected Behavior
    •    Crafting Malicious Input
    •    Example: Burp Proxy
    •    Example: OWASP ZAP
    •    Lab Exercise: Injection Rejection
    •    Quiz



Topic 4:     Detecting XSS
    •    What is Cross-site Scripting ?
    •    Example: Cross-site Scripting
    •    Detecting XSS Vulnerabilities
    •    Case Study: But I don’t Like Spam
    •    Lab Exercise: XSS Attacks
    •    Quiz



Topic 5:     Detecting SQL Injection
    •    What is SQL Injection ?
    •    Case Study: I Still Don’t Like Spam
    •    Detecting SQLi Vulnerabilities
    •    Lab Exercise: SQLi Attacks
    •    Quiz



Topic 6:     Detecting Command Injection
    •    What is Command Injection ?
    •    Case Study: Do the Math
    •    Detecting Command Injection Vulnerabilities
    •    Other Injection Attacks
    •    Lab Exercise: Taking Command
    •    Quiz



Topic 7:     Detecting Access Control Vulnerabilities
    •    Password Strength & Management
    •    Testing for Account Enumeration
    •    Navigate Your Way
    •    Testing for Client Side Access Control
    •    Roles, Accounts, and Permissions
    •    Testing for Cross-site Request Forgery
    •    Testing for Path Traversal
    •    Testing for Horizontal Escalation
    •    Testing for Replay
    •    Testing for Session Fixation
    •    Testing for Session Termination
    •    Lab Exercise: Out of Control
    •    Quiz



Topic 8:     Detecting Other Vulnerabilities
    •    Parameter Mayhem
    •    Sensitive Information Exposure
    •    Event Timing
    •    File Uploads and Transfers
    •    Testing for Denial of Service
    •    Lab Exercise: Go Get ‘Em
    •    Quiz



Topic 9:     Miscellaneous Topics
    •    Application Security in Perspective
    •    Security Manager Design Pattern
    •    Avoiding Common Vulnerabilities
    •    Security in the SDLC
    •    The Security Design Review
    •    The OWASP ESAPI


Who should attend


- IT/Security professionals - Developers/Code reviewers - Security Testers/Ethical Hackers - Security Analysts - Security Enthusiasts/Students


Pre-requisites


- Basic understanding of computing - Know-how of web applications - Networking Know-how - Open mind


What you need to bring


PC/Laptop with a high-speed Internet Connection.""


Key Takeaways


- Course Materials (soft copies) - Videos/Lectures/PDFs - Security Tools - Practice Questions/material

Content
Reviews

Recommendations & reviews from previous Customers:

Meet Patel

"He has rich experience in ethical hacking "

attended Application Security Testing


Questions and Comments

Thousands of experts Tutors, Trainers & other Professionals are available to answer your questions

Comment ?

Questions Guidelines

  • Start your question with simple statements like "what", "when", "where", or "how".
  • Ensure your question or answer is not offensive or insensitive - it may be voted down or banned.
  • Please provide as much detail as possible as this will allow our members to better understand and respond to your question.
  • Take some time to categorize your question. This will greatly help other users find the question.


You can add upto 6 Images

Ask


Recommendations & reviews from previous Customers:

Meet Patel

"He has rich experience in ethical hacking "

attended Application Security Testing


Date and Time

Not decided yet.

cash back100% Money Back Guarentee

About the Trainer

Gunwant Singh picture

Gunwant Singh

Msc. in Network Security, CISSP, GXPN


I am a Senior Security Analyst with over 13 years of industrial experience in Information Security. I have tested and secured a number of government applications and software used by several Fortune 500 companies of the world.

I am currently holding CISSP & GXPN certifications and work mostly in Penetration Testing and hardening of web servers. I have experience in teaching corporate and individual staff for about 5-7 years.

I host a blog for students and currently write articles and whitepapers for several companies. I have been involved in hosting training on Application Security and I was invited for a couple of sessions for OWASP Delhi and Houston (USA) chapters.
Seats Left-

Students Interested 0

Course Id: 16501