EC-Council CAST 613: Advanced Application Security

Deze Partnercursus cursus hebben we niet meer in ons assortiment maar nog wel andere cursussen, bijvoorbeeld:

Er zijn geen gerelateerde cursussen.

Kunnen wij je helpen?

A course designed with the advance programmer in mind where more than 50% of the class involves hands-on coding labs requiring all students to have programming experience. This course is NOT language specific although program logic is an absolute must have.

This three-day extremely specialized course delves into efficient and effective defensive code writing focused on thwarting-off attackers by applying carefully selected techniques essential to case hardening your application from within.

Walk into the world of a technical trainer with 23 years of experience delivering an in-depth analysis of popular vulnerabilities and then to map that back to a particular language where it would apply. Be exposed to real life attacks launched against applications from the web, off the shelf binary applications, popular runtimes such as .NET, Java and even Adobe AIR (In a legal and Ethical Way), learn where mistakes were made to ensure your house is in order.

CAST programs are designed and developed by EC-Council in collaboration with well-respected subject-matter experts and industry practitioners. All of these advanced security training courses will only conducted by appointed EC-Council Master Trainers, some of whom are authors of the respective courses. Theories are limited to the bare essentials, and the bulk of the training session will be focused on a participants individualized involvement in getting their hands dirty. CAST will offer programs that will cover important domains such as advanced penetration testing, malware analysis, advanced social engineering, cryptography, digital forensics deep dive, web application security, among others

Doel

SSL – Compelled Certificate Injection
SSL – Renegotiation
CRL – Libraries
SQL Root Kits
XSS to the Max!
Fuzzing Techniques (Most programmers are not at all familiar with Fuzzing, but their code should indeed be fuzzed)
Fuzzing Defined: Throwing every type of input you possibly can at an application to try to get it to ‘hiccup’. If it does indeed hiccup with a GPF (General Protection Fault) or worse yet a Blue Screen (Meaning we have touched the Kernel) then we would explore further to try to find out what caused it and possibly use it for code execution or denial of service attacks.

Voorkennis

Students must be familiar with IT Security best practices, and have a good understanding of programming logic and common web technologies as well as binary applications
Basic Windows administration for servers and workstations
Basic Linux/NIX system administration skill
Basic command line proficiency on both Windows and NIX systems

Fabian Klostermann

accountmanager

Onderwerpen

1-Introduction
2-Cryptography Decrypted
3-Account Management – The Key to it all?
4-Parameter Diddling
5-Transport Layer Protection – Safety During the Commute

6-Cross Site Scripting (XSS) – Truth Is I just do what I am told.
7-Cookies – Not Just for Hansel and Gretel
8-Internal Implementation Disclosure – What¿s going on inside the Beast
9- SQL Injection – SQL Injection- What’s a Command, What’s Data?
10-Cross Site Attacks – Same Origin Policy. Everyone Else Breaks it why shouldn’t we?

Bekijk meer onderwerpenBekijk minder onderwerpen

1-Introduction
- About the course and Author Tim Pierson
- Why I developed Hacking and Hardening your Corporate Website/WebApp: A developer Perspective
- Introducing the vulnerable website
- Using very Expensive Pen testing tools high priced tools like Firefox/Firebug or Chrome’s developer tools (Comes with Chrome).
- Introducing a few Free Add-ons to Chrome and Firefox, Did I mention they were Free?
- Monitoring and composing requests using a common proxy like Fiddler, Paros or Burp Suite.
- Modifying requests and responses in Fiddler to change what goes out and what comes in before Browser Renders it.
- Browser simply reads code from the top to the bottom. No idea what is good, bad, malicious or otherwise.
- Surfing the Web is like giving every website you go to a shell on your box!
2-Cryptography Decrypted
- Introduction
- Encryption – A Definition
- Encryption Algorithm
- Symmetric Encryption
- Asymmetric Encryption
- Crack Times
- Password Policies and why they simply don¿t work!
- Don¿t use a Pass Word Every Again! Use a Pass Phrase Instead!
- Hashing
- Hash Collisions
- Common Hash Algorithms
- Digital Signatures – Proving who we say we are.
- Digital Certificate Levels – It comes down to Cost!
- Working with SSL Certificates.
- We Trust what we Know – True Story.
- IPSec – Will this solve it all?
- Public Key Infrastructure
- HeartBleed – What’s all the Hype? Should we care?
- Laptop and Portable Encryption: TrueCrypt – BYOB is here or is Coming!
- Summary
3-Account Management – The Key to it all?
- Introduction
- Understanding How Important password strength and attack vectors are
- My Favorite Slide in the World
- Passing the Monkey Wrench Technique!
- Limiting characters in passwords
- Providing (Emailing credentials) on account creation
- Account enumeration
- Denial of service via password reset
- Correctly securing the reset processes
- Wall of Shame – Plain Text Offenders
- How to spot a Secure Web Site – Everyone should try this on their Family.
- Establishing insecure password storage
- Testing for risks in the ‘remember me’ feature
- Re-authenticating before key actions
- Testing for authentication brute force
- Summary
4-Parameter Diddling
- Introduction
- Identifying untrusted data in HTTP request parameters
- Capturing requests and using easy tools to manipulating parameters
- Manipulating application logic via parameters
- Testing for missing server side validation, if you don¿t do it, it’s like having the fat kid watch the pie!
- Understanding model binding
- Executing a mass assignment attack
- HTTP verb tampering – What’s a Verb? Post, Get etc. Are they interchangeable you’d be surprised?
- Fuzz testing – Spraying that App like a fireman¿s sprays a fire with his fire hose, then see if it Hiccups!
- Summary
5-Transport Layer Protection – Safety During the Commute
- Introduction
- The three objectives of transport layer protection
- Understanding a man in the middle attack, and we all fall victim to it every day!
- Protecting sensitive data in transit, and at Rest.
- The risk of sending cookies over insecure connections
- How loading login forms over HTTP is risky
- What’ the Solution? Http Everywhere? What about the overhead?
- Exploiting mixed-mode content
- The HSTS header
- Summary#6-Cross Site Scripting (XSS) – Truth Is I just do what I am told.
- Introduction
- Understanding untrusted data and sanitization
- Establishing input sanitization practices ¿ Keep it Clean going in
- Understanding XSS and output encoding
- Identifying the use of output encoding – and coming back out!
- 3 types of XSS, Reflected, Stored and DOM
- Delivering a payload via reflected XSS
- Testing for the risk of persistent XSS
- The X-XSS-Protection header
- Summary

7-Cookies – Not Just for Hansel and Gretel
- Introduction
- Cookies 101 – Everything you wanted to know but were afraid to Ask!
- Session Management – HTTP is like an Alzheimer’s Patient – Like the Movie, 50 First Dates !
- Understanding Http Only cookies, what are they and why we should use them?
- Understanding secure cookies. No not putting Grandmas Cookies in a locked Cookie Jar!
- Disabling Cookies – Do we really need them?
- Restricting cookie access by path ¿ Now there¿s an Idea!
- Reducing risk with cookie expiration ¿ Keep it short!
- Using session cookies to further reduce risk
- Summary
8-Internal Implementation Disclosure – What¿s going on inside the Beast
- Introduction
- How an attacker builds a website risk profile, Make sure you don¿t fit that profile.
- Server response header disclosure – Tell it like it is, or is that not what you intended?
- Locating at-risk websites – Making Sure Yours is not one of them
- HTTP fingerprinting of servers – Determining what your WebApp WebSite is running
- Disclosure via robots.txt – Tell the World Where not to Look!
- The risks in HTML source – What your HTML is telling Everyone, whether you know it or not!
- Internal error message leakage – Error messages that say Way Too Much!
- Lack of access controls on diagnostic data – First things Hackers Try is to Put the sight in Debug Mode
- Summary
9- SQL Injection – SQL Injection- What’s a Command, What’s Data?
- Outline
- Understanding SQL injection
- Testing for injection risks -Using Very High Priced Expensive tools like Chrome and FireFox!
- Discovering database structure via injection
- Harvesting data via injection. Simply print out the Entire Schema under the right conditions.
- Automating attacks with Havij
- Blind SQL injection – How the Blind Man can still find Holes
- Secure app patterns
- Summary
10-Cross Site Attacks – Same Origin Policy. Everyone Else Breaks it why shouldn¿t we?
- Introduction
- Understanding cross site attacks – Leveraging the Authority of an approved User
- Testing for a cross site request forgery risk
- The role of anti-forgery tokens – A few Things that will help
- Testing cross site request forgery against APIs
- Mounting a clickjacking attack – What are you clicking on anyway?
- Summary

Planning & Prijs

Gerelateerde cursussen

Er zijn geen gerelateerde cursussen.

Ervaringen

ervaringen verzameld via

"Training was prima, goede tips gekregen met af en toe een grap en grol. Locatie was prima, goed verzogd vwb koffie/thee, fruit en koekje. Mensen ook zeer vriendelijk. Lunch was perfect en zeer uitgebreid."

9

"De cursus was goed, en de verzorging ook!Ik heb er veel van opgestoken! De lokatie in Nieuwegein is goed te bereiken met het openbaar vervoer, dus dat is prettig. Tot een volgenden keer."

10

"Ik vond de training erg leerzaam. De inhoud was van een hoog niveau en de docent was goed thuis in de materie. Ik stel het vooral op prijs dat er diep op de concepten werd ingegaan."

9

Categorieën

Onderwerpen

Leveranciers

Prijs