Call Us : +91-9911298894   Mail Us : info@cryptus.in

Home Web Penetration Testing

WEB PENETRATION TESTING

Web Application Penetration Testing Training focuses on preparing students for the real world of Web App Pen Testing through extensive lab exercises and thought-provoking lectures led by an expert instructor. We review of the entire body of knowledge as it pertains to web application pen testing through a high-energy seminar approach.CRYPTUS offers Web Application Penetration Testing program to train and prepare IT Security Professionals.

Web application security is a branch of Information Security that deals specifically with security of websites, web applications and web services. At a high level, Web application security draws on the principles of application security but applies them specifically to Internet and Web systems. Typically web applications are developed using programming languages such as PHP, Java EE, Java, Python, Ruby, ASP.NET, C#, VB.NET or Classic ASP.

The Web Application Penetration Testing course from Cryptus Cyber Security is a totally hands-on learning experience. From the first day to the last day, you will learn the ins and outs of Web App Pen Testing by attending thought-provoking lectures led by an expert instructor. Every lecture is directly followed up by a comprehensive lab exercise (we also set up and provide lab workstations so you don't waste valuable class time installing tools and apps). Typical lab exercises consist of a real-world app that demonstrates a vulnerability commonly found in a web app.

You learn how to assess the application much as a black hat hacker would, and then exploit the app so that you can demonstrate the true risk of the vulnerability to the application owner. This can involve taking control of the application itself, downloading data the application stores, or potentially using the app as a launching pad to attack unsuspecting visitors with a malicious script. Finally, the lab will follow up with remediation steps so that the application owner can properly close down the security hole for good.

PROGRAM HIGHLIGHTS

  • Learn the Secrets of Web App Pen Testing in a totally hands-on classroom environment
  • Learn how to exploit and defend real-world web apps not just silly sample code
  • Complete the 83 Step "Web App Pen Test Methodology", and bring a copy back to work with you
  • Understand how to find Vulnerabilities in Source Code
  • Take home a fully featured Web App Pen Test Toolkit
  • Learn how perform OWASP Top 10 Assessments for PCI DSS compliance
  • Understand Wireless mechanism and Its Security.

Course Modules:

Module1: Web Application working Mechanism, SQL Basics, DNS ENUM security
Module2: SQL injection Basics, Google Dorks, Exploits 10
Module3: Union SQL injection Injections
Module4: Burp Suite Proxy (XSS)
Module5: WAF Bypass, Error Based SQL injection References
Module6: Blind SQL injection Misconfiguration
Module7: Blind with time based SQL injection Control
Module8: SQL MAP , HAVIJ, SQL NINJA (CSRF)
Module9: XSS part 1 & part 2
Module10: OS Command Injection OR RCE
Module11: File Inclusion Vulnerability and Directory Traversal
Module12: LDAP Injection
Module13: DVWA Framework
Module14: XXE (XML EXTERNAL ENTITY)
Module15: CSRF
Module16: ACUNETIX SCANNER, ZAP Proxy
Module17: NETSPARKER, NIKTO, WP-Scan
Module18: NESSUS SCANNER, VEGA, NEXPOSE
Module19: Session Management, Cookies, Tokens
Module20: Security misconfiguration, Information Disclosure(Directory Listing)
Module21: Http Only, Secure Flag
Module22: Poor Logging Practice
Module23: Broken Access Control
Module24: Upload File Restriction Vulnerability
Module25: CRLF Injection
Module26: Under protected API
Module27: Session Fixation and hijacking
Module28: Using components with known vulnerabilities, Heartbleed Bug and Poodle Vulnerability
Module29: Mutillidae Practice
Module30: Other Minor Vulnerabilities
Module31: Report Generating
Module32: Examination

Pay now

Training Plan

WEB PENETRATION TESTING Training Fee and Duration
Track Regular Track Weekend (Sat & Sun)
Duration 40 - 45 Days 8 Weekends
Hours 2 hours a day 3 hours a day
WEB PENETRATION TESTING Exam In the last of the Course In the Last of the course

CHECK OUT CRYPTUS OTHER TRAINING PROGRAMS

Enquire Us for CRYPTUS Training Programs

6 + 10 =