Foundations of Web Security Testing
3-day Hands-On Workshop on Web Security Testing
- The best course available in the market. Compare to believe!
- Comprehensive training on web security testing
- 24 hours of in-classroom workshop time, exclusive of lunch/tea breaks
- Late evening extended time provided on request
- Focus on strong fundamentals
- Elaborate coverage of tools and their comparions
- Focus on web security from testing perspective
- 20+ Hands-On Exercises
- No assumptions about existing knowledge
- Small batch size of 20 for more involved training.
- Content developed over 3 years by the author.
- Well received by testers as well as developers.
The attendees would be provided with the following:
- Course material
- TesterFox 0.1: A portable FireFox, bundled with 20+ security testing plugins, that I have developed for the attendees
- Portable tools for mind mapping, text editing, text comparion
- Portable web proxies
- Portable Vulnerable app environment for practice
- ( Optional, for corporate workshops, separate charges ) Pre and post-assessment based on objective type of subjective type questions
- ( Optional, for corporate workshops, separate charges ) Post-training on-the-job support for applying the concepts
Concepts
- The Changing Face of the Web
- How It Was
- How It is Now
- Why Web technologies became so popular
- A high level view of Browsers, HTML, JavaScript, XML etc.
- Where are the security issues in a software
- Basics of Encryption : Shared Key, Private Key, Hashing
- The Basic CIA Triad
- CIA Triad Extended: Security Attributes with Examples – Authentication, Authorization, Confidentiality, Integrity, Non-Repudiation/Accountability, Availability
- Understanding basic web user operations w.r.t. security attributes
- What is the goal of security attacks
- Why the attacks on the Web have become popular
- All Input is Malicious
- Change of Context – Data to Code
- Introduction to HTTP
- Introduction to Web Proxies
- How does a Web Proxy Work
- How to use a Web Proxy using Browser Options and Plugins
- HTTP Request Format
- HTTP Response Format
- HTTP Methods
- HTTP Status Codes
- HTTP Headers
- The key differences between a GET and POST
- Converting a GET into POST and vice versa
- HTTP is stateless
- Session Management
- Session Tokens versus Session
- Cookies
- Hidden Variables
- The Change in Mindset
- Dealing with Software Requirements
- Treating Security Bugs Differently
- Exploration – The Basis of Security Testing
- Ethics
- Client-side restrictions – HTML / JavaScript
- Cookies from Security Perspective
- Encoding
- Encoding versus Encryption
- Encoding Schemes – URL Encoding, Base64 Encoding, Hex Encoding, HTML Encoding, Unicode Encoding
- Session Management from Security Perspective
- Authentication and Authorization from Security Perspective
- HTML Parameters from Security Perspective
- The Misplaced Trust on Client
- Understanding Web Architecture
- Introduction to Social Engineering
- How is Social Engineering related to Web Security
- Phishing
- How Attackers Deliver Attacks using Social Engineering
- SPAM and why what we are discussing is related and is different from common SPAM
- How other vulnerable websites bring security challenge to your website
- Malicious websites and attack delivery
- Using Social engineering knowledge in bug Advocacy
- Mapping an application from security perspective
- Using Browser
- Using Browser and Plugins
- Using Browsers and Proxies as Spiders
- What are the different areas of interest
- Vulnerability Lists ( Focus on OWASP )
- Injection (Focus on SQL Injection and SMTP Injection )
- Cross-Site Scripting
- Authentication Flaws
- Session Management Flaws
- Authorization Flaws
- Cross-Site Request Forgery
- Insecure Configuration
- Insecure Storage
- Insecure Transmission
- Redirection Flaws
Hands-On
The exercises are conducted using local vulnerable apps which have been designed and developed for the purpose. No public website is used for the exercises, as that would break the Ethics code.
- HTML
- Creating Basic HTML Links
- Creating Basic HTML Forms
- Using Web Proxies
- BurSuite, WebScarab, Fiddler
- Understanding how the request is handled at various stages -> browser, TCP, web server, web framework middle layer, web server ( and then DB server, web service etc. if applicable )
- Converting a GET into a POST request and vice versa
- Using Browser Plugins
- Proxy Bar, Proxy Button
- Tamper Data
- SQLInject Me
- Access Me
- XSSMe
- HackBar
- Groundspeed
- FireBug / Web Developer
- Encoding and Decoding
- URL Encoding
- Base64 Encoding
- Custom Encoding Schemes
- Various Tool Choices covered included CAL9000
- Parameter Tampering
- Hidden Variables
- URLs
- Form Data
- Breaking Authentication
- Brain-storming on various authentication flaws
- Forgot Password Exercises
- Breaking Access Flaws
- Naming conventions from security perspective
- Thinking from the development angle
- Finding hidden directories and parameters
- Manipulating Direct Object References
- Breaking Session Management
- Cookie Manipulation
- SQL Injection
- Understanding SQL using MySQL Database
- Identifying database usage
- Imagining SQL based on the web application context
- String and Numeric SQL Injection
- Understanding when to use which form
- Understanding attack delivery for bug advocacy
- SQL Injection cheatsheet
- Cross-Site Scripting ( XSS )
- Hands-On JavaScript
- Retrieving cookies using JavaScript
- Reflected XSS
- Stored XSS
- Understanding Delivery mechanism of XSS
- Image source loading
- Relation to Social Engineering
- Cost Details
- Single Nomination: INR 12,500/- + Service Tax (12.36%)
- Group of Four: (10% discount ): INR 45,000/- + Service Tax (12.36%)
- How to Register
- Full Cost has to be paid in advance to block a seat
- Payment modes: Online Transfer, Cheque, Cash
- Receipt provided on request
- Refund Policy
- If you cancel your registration by sending written communication:
- Full refund in case of cancellation request sent 15 days before the first day of training
- 50% refund in case of cancellation request sent 8-14 days before first day of training
- No refund in case of cancellation request sent in the last week of training
- Full refund in case the training gets canceled from Testing Perspective’s end. Additionally, in such a case, 5% discount would be provided for the candidate in one future training in the subject area.
- If you cancel your registration by sending written communication:
- Venue
- Would be announced one week in advance.
- Would be at a good hotel where I make all the arrangements
- Cost includes the following:
- Training Cost
- Lunch and Tea/Snacks ( twice a day ) cost for 3 days
- Printed trainee material and custom tools
- A good quality notepad, pen and other stationery
- For out-station attendees, the travel and stay arrangement is to be arranged and paid for by the candidate(s).
- Good for individual registrations or a company looking forward to training its employees and the number of trainees are <= 7.
Before attending this workshop, I had tried learning on my own through different books and websites. The pace of my learning is accelerated through this workshop. It is a hands-on workshop with explanation of concepts followed by exercises. A must attend for anyone who is interested in security testing.
Ajay Balamurugdas ( Co-Founder of WeekendTesting)
Wow! I haven’t thought of security in this way or to this extent. This will change the way I think. I haven’t spent my money, instead Rahul has invested his ideas into my testing.
Ravisurya, Aditi Technologies (Author, TestingGarage)
You made me understand difficult concepts in easy way. I’m impressed with the mind maps.
Very good content, very good explanation.
G.S. Neelakantan, Adobe Systems
Before attending the workshop, I thought I need to be a good developer with strong programming skills. Your workshop has shown me how I could carry my core skill as a functional tester one level higher. This workshop has built confidence into me that I can be a good security tester with
practice and smart usage of tools.
Parimala, Blogger-Co-Founder of Weekend Testing- Test Manager at Moolya Testing Services Pvt. Ltd.
You rocked on Day-2, that’s where you connected all the dots from Day 1. This workshop was an eye-opener for me. Organisation of contents and exercises were great.
Adarsha, Fresher
Difficult and complex concepts made easy. Some excellent test automation ideas provided. This workshop helped in improving my thinking capabilities as a tester. Not only can I start a career as a security tester but have become a better functional tester anyways.
Sreeja Sreekumar, Software Engineer, CenturyLink Technologies Pvt. Ltd.
The workshop was conducted in a very structured way. Rahul started from the core base concepts and explained them very nicely. These concepts are the pillars of security testing. Then, on this strong base, diffrent types of security testing techniques like SQL Injection, XSS were taught. This helped me in understanding that whatever I was doing, there is a core concept and reason for that. This helps in making learning interesting and will stay long.
Sourabh Nigam, Technical Lead – Testing, CenturyLink Technoligies Pvt. Ltd.
Rahul has excellent knowledge on security testing and he showed how application security testing is very different from functional testing. The best part of the workshop was that we tried different tools like WebGoat, BurpSuite, WebScarab, FireForx Plugins and so on. Various attacks were discussed with hands-on exercises.
Kishore Kuppireddy, Technical Lead, CenturyLink Technoligies Pvt. Ltd.
It was a nice training…probably a sort of wake up call for me. It gives a feeling or rather makes us aware that testing is much beyond GUI testing. The way Rahul took the session motivates us to improve our technical knowledge.
Priya, CenturyLink Technoligies Pvt. Ltd.
The way that you broke the boundaries between different test types was great and a lesson to take back and discuss with colleagues
Shyam (Attendee in a public workshop)