Hacking and Auditing Web Application Security


3  Days


29,000  Baht (Exclusive of VAT 7%)
Special Offer : Contact us

This three-days course provides in-depth knowledge about Web application security explains common security terminology and presents a set of proven security principles upon which many of the recommendations throughout this guide are based. It presents an overview of the security process and explains why a holistic approach to security that covers multiple layers including the network, host and application, is required to achieve the goal of hack-resilient Web applications.

  • This course focuses on the latest tools and techniques used in designing applications which provide data to those who need it while keeping the bad guys out.
  • The candidate will have hands on experience using current tools to detect and prevent Cross-site Scripting (XSS), and SQL Injection as well as an in-depth understanding of authentication, and session management systems and their weaknesses and how they are best defended.
  • This course will focus on OWASP top 10 web application security guide.
  • Module 1: Introduction to Web Application Security
  • Module 2: OWASP Projects
  • Module 3: Discovery and Identifying the Web Server, Web  Application and Subsystem
  • Module 4: Attack: Bypassing Client-Side Controls
  • Module 5: Attack: Access Controls
  • Module 6: Attack: Authentication and Session Management
  • Module 7: Attack: Injecting Code
  • Module 8: Attack: Cross-Site Scripting
  • Module 9: Attack: Application Logic
  • Module 10: Attack: Exploiting Information Disclosure
  • Module 11: Attack: Buffer Overflow
  • Module 12: Attack: Web Server
  • Module 13: Finding Vulnerabilities in Source Code
  • Web Application Programmers
  • Systems/Network Administrators
  • IT Auditors
  • Anyone interested in learning the concepts of secure Web application design
  • Information Security Professional
  • Knowledge about basic networking
  • Knowledge about Information Security
  • Knowledge about Web Application Technologies