Global Knowledge

1-800-COURSES
Chat Now

Shopping Cart | My Global Knowledge Login | United States United States [change region]

  • Courses
    • Browse Catalog
    • Delivery Methods
    • New Courses
    • Special Offers
    • Guaranteed Dates
    • Search Wizard
  • Certifications
  • Training Solutions
    • Corporate Training
    • Government Training
    • Partner with Us
  • Training Locations
    • Atlanta
    • Chicago
    • Dallas
    • Morristown
    • New York
    • Raleigh
    • San Jose
    • Washington, DC
    • All 150+ Locations
  • Knowledge Center
    • Assessments
    • Case Studies
    • Demos
    • Events
    • Lab Topologies
    • Mobile Apps
    • Practice Files
    • Special Reports
    • Twitter
    • Videos
    • Webinars
    • White Papers
  • Contact Us
Foundstone Ultimate Hacking Web

Home > Course Catalog >  Cybersecurity Training > Foundstone Ultimate Hacking: Web

Foundstone Ultimate Hacking: Web

With every application that an organization brings online or with every e-business that goes live, malicious hackers are waiting to attack. This class provides security professionals with the knowledge and tools to recognize software vulnerabilities, develop countermeasures, and perform ongoing assessments of these Internet-facing applications. In a hands-on setting, instructors offer demonstrations on how attackers can access corporate information with little more than a web browser.

What You'll Learn

  • Strategic, tactical, and operational countermeasures to prevent hackers from exploiting web-based applications
  • Security considerations unique to secure web applications
  • Thorough knowledge of popular web application and infrastructure vulnerabilities including SQL injection, cross site scripting, authentication/authorization issues, and session management weaknesses
  • Configuration and usage of web security tools including Nikto, Paros, Fiddler, Brutus, OpenSSL, and SSLDigger

Who Needs to Attend

Developers, system and network administrators, QA testing personnel, auditors, consultants, and/or web designers concerned with web security should take this course.

Prerequisites

Basic UNIX and Microsoft Windows competency is recommended.

Follow-On Courses

  • Foundstone Building Secure Software
  • Foundstone Writing Secure Code: Java (J2EE)
  • Foundstone Writing Secure Code - ASP.NET (C#)

Course Outline

1. Web Technology and Testing Tools

  • Preparation and Planning
  • HTTP Overview
  • Profiling the Environment

2. Data Validation Attacks

  • Parameter Manipulation
  • Cross-Site Scripting
  • Data Validation
  • SQL Injection
  • Other Browser Attacks

3. Other Web Attacks

  • Information Disclosure
  • Authentication
  • User Management
  • Session Management
  • Other Injection Attacks

4. Authorization, Non-Browser Clients, and Automated Scanners

  • Authorization
  • Other Clients
  • Automated Web Application Vulnerability Scanning
  • Wrap-Up/Methodology

Labs

All topics are supported by hands-on exercises specifically designed to increase knowledge retention. Classroom exercises provide the basic hands-on experience needed to secure web applications and Internet-facing software.

On-Site

Course Code: 9815

Contact us for pricing

Partner-Delivered Course

4 Day Course


Payment Options

Alert Me Alert Me

Schedule and Registration

Request a Quote.

Request a date & location.

Resources

PDF of this course

 

Foundstone

Share

Copyright ©2013 Global Knowledge Training LLC  All rights reserved.  1-800-COURSES (1-800-268-7737) Privacy  Legal  Policies  Site Map  Blog RSSRSS