Cursos

Advanced Web Hacking

1,950.00 +Iva

Dias: 5
Duração: 30 horas
Próxima Data: 10/05/2021 a 14/05/2021
Área: Cibersegurança
Certificação Associada: N/A
Local: Lisboa e Porto

*Curso disponível em Live Training

Quero inscrever-me
REF: NSSAWH Categoria: Etiqueta:

Descrição

Much like the advanced infrastructure hacking training class, this class talks about a wealth of hacking techniques to compromise web applications, APIs and associated end-points. This class focuses on specific areas of app-sec and on advanced vulnerability identification and exploitation techniques (especially server side flaws). The class allows attendees to practice some neat, new and ridiculous hacks which affected real-life products and have found a mention in real bug-bounty programs. The vulnerabilities selected for the class either typically go undetected by modern scanners or the exploitation techniques are not so well known. Attendees can also benefit from a state-of-art Hacklab and we can provide 30 days lab access after the class, to allow attendees more practice time.

Destinatários

• Web Developers , SOC Analysts who wonder types of attacks
Penetration Testers use to find flaws in the applications
• Entry/Intermediate level Penetration Testers who want to
know; what’s next? What are the advanced level attacks
through which they can exploit vulnerabilities?
• Network Engineers, Security Architects, enthusiasts who want
to stay updated with the latests trends in Web application
Hacks
• Any technical person having a basic knowledge of how web
applications work

Programa

Module 1: Introduction

  • LAB SETUP AND ARCHITECTURE OVERVIEW
  • INTRODUCTION TO BURP FEATURES

Module 2: Attacking Authentication and SSO

• Token Hijacking attacks
• Logical Bypass / Boundary Conditions
• Bypassing 2 Factor Authentication
• Authentication Bypass using Subdomain Takeover
• JWT/JWS Token attacks
• SAML Authorization Bypass
• OAuth Issues

Module 3: Password Reset Attacks

• Session Poisoning
• Host Header Validation Bypass
• Case study of popular password reset fails

Module 4: Business Logic Flaws / Authorization flaws

• Mass Assignment
• Invite/Promo Code Bypass
• Replay Attack
• API Authorisation Bypass
• HTTP Parameter Pollution (HPP)

Module 5: XML External Entity (XXE) Attack

• XXE Basics
• Advanced XXE Exploitation over OOB channels
• XXE through SAML
• XXE in File Parsing

Module 6: Breaking Crypto

• Known Plaintext Attack (Faulty Password Reset)
• Padding Oracle Attack
• Hash length extension attacks
• Auth bypass using .NET Machine Key
• Exploiting padding oracles with fixed IVs

Module 7: Remote Code Execution (RCE)

• Java Serialization Attack
• .Net Serialization Attack
• PHP Serialization Attack
• Python serialization attack
• Server Side Template Injection
• Exploiting code injection over OOB channel

Module 8: SQL Injection Masterclass

• 2nd order injection
• Out-of-Band exploitation
• SQLi through crypto
• OS code exec via PowerShell
• Advanced topics in SQli
• Advanced SQLMap Usage and WAF bypass
• Pentesting GraphQL

Module 9: Tricky File Upload

• Malicious File Extensions
• Circumventing File validation checks
• Exploiting hardened web servers
• SQL injection via File Metadata

Module 10: Server Side Request Forgery (SSRF)

• SSRF to query internal network
• SSRF to exploit templates and extensions
• SSRF filter bypass techniques
• Various Case studies

Module 11: Attacking the Cloud

• SSRF Exploitation
• Serverless exploitation
• Google Dorking in the Cloud Era
• Cognito misconfiguration to data exfiltration
• Post Exploitation techniques on Cloud-hosted applications
• Various Case Studies

Module 12: Attacking Hardened CMS

• Identifying and attacking various CMS
• Attacking Hardened WordPress, Joomla, and Sharepoint

Module 13: Web Caching Attacks

Module 14: Miscellaneous Vulnerabilities

• Unicode Normalization attacks
• Second order IDOR attack
• Exploiting misconfigured code control systems
• HTTP Desync attack

Module 15: Attack Chaining N Tier Vulnerability Chaining Leading To Rce

Module 16: Various Case Studies

• A Collection of weird and wonderful XSS and CSRF attacks

Module 17: B33R-101

Pré-requisitos

Students must bring their own laptop and have admin/root access on it. The laptop must have a virtualization software (virtualbox /VMWare) pre installed. A customized version of Kali Linux (ova format) containing custom tools, scripts and VPN scripts for the class will be provided to the students. The laptop should have at least 4 GB RAM and 20 GB of free disk space dedicatedly for the VM. Users are also encouraged to familiarize themselves with Burp Suite https://portswigger.net/burp/communitydownload to gain maximum out of the class.

Outras datas

19/07/2021 a 23/07/2021

13/09/2021 a 17/09/2021

08/11/2021 a 12/11/2021