Course Overview
This is an entry level web application security testing course and is a pre-requisite for the Advanced Web Hacking course. Tools and techniques will be taught in the 2-day course. If you would like to step into the world of ethical hacking / penetration testing with a focus on web applications, then this is the class for you.
Moyens d'évaluation :
- Quiz pré-formation de vérification des connaissances (si applicable)
- Évaluations formatives pendant la formation, à travers les travaux pratiques réalisés sur les labs à l’issue de chaque module, QCM, mises en situation…
- Complétion par chaque participant d’un questionnaire et/ou questionnaire de positionnement en amont et à l’issue de la formation pour validation de l’acquisition des compétences
Course Objectives
HackingPoint is a new Global Education program for security experts (customers, partners, or network admins) to help master all types of Pen Testing techniques and Cyber Security practices The goal of this program is to give security experts in-depth understanding of how to better protect the corporate network and resources World-class trainers and Pen-testing experts in the field (BlackHat & Check Point RnD trainers) provide students deep knowledge in cutting-edge Cyber Security threats
Course Content
Day 1
Information gathering, profiling and cross-site scripting
- Understand
- HTTP protocol
- Identify the attack surface
- Username enumeration
- Information disclosure
- Issues with SSL / TLS Cross-site scripting
- Cross-site request forgery
Day 2
Injection, flaws, files and hacks
- SQL injection
- XXE attacks
- OS code injection
- Local / remote file include?
- Insecure file uploads
- Cryptographic weakness
- Business logic flaws
Moyens Pédagogiques :