:: Mile 2 ::




	Course Name: Certified Pen Testing Specialist – Web Analysis Duration: 5 days Language: English Format: Instructor-led (Lecture and Lab) Prerequisite: Mandatory – basic knowledge of a high level language such as C, Java, Perl, PHP and C# Knowledge of information security principles Basic understanding of networking protocols Completion of CPTS or equivalent Knowledge Exam FAQ's Student Materials: Student Workbook with labs Mile2 CD Case Student CD Mile2 Notebook Mile2 Pen

Printer Friendly PDF Version |

BENEFITS OF THIS COURSE

This 5-day course delivers a strong and in-depth knowledge of Web Penetration Testing principles and practices. An instructor-led lecture mixed with hands-on practical application will deliver an overview of the principles and practices of Web Penetration Testing. Emphasis is on World Wide Web penetration testing based on the understanding of the web architecture and the languages used tdevelop web applications

COURSE OVERVIEW

This course seeks testablish the fundamental architecture and languages of the web as it applies tpenetration testing together with the fundamental practices of Web Penetration Testing. The various types of vulnerabilities found in software today will be explained while providing hands-on training in the art of Web Penetration Testing.

UPON COMPLETION

Whereas this course is not an in-depth programming class or a low-level assembly language class, nevertheless, participants will gain a sound understanding of common vulnerabilities inherent in prevailing web software. They will gain knowledge of the principles of Web Penetration Testing and practise these principles with lessons designed tbe as real-world as possible.

COURSE DETAILS

Topics covered

1. Introduction
Business and Technical Logistics of Web Penetration Testing
Web Architecture
Information Gathering
Fingerprinting
Code Vulnerability Basics
Scanning and Assessment
Enumeration of Possible Weak Points
Penetration
Other Issues

DETAILED MODULE DESCRIPTION

Introduction
- Course Objectives
  - Principles (Theoretical)
  - Practices (Practical)
- Resources
  - Helpful websites
  - Tools
Business and Technical Logistics of Web Penetration Testing
- Soft side of Web based Penetration Testing
  - Business reasons ttest
  - Legal issues when testing
  - Ethics
Web Architecture
- Client Architecture
  - HTML/XML
  - Cookies
  - Caching
  - Scripting
  - Applets
  - Plugins
  - Server Side Architecture
    - SSL
    - Proxies
      - Caching
      - Reverse
    - Applications
      - Server side includes
      - SSH Tunnel
      - Databases
      - Java (Tomcat/Jakarta)
      - Scripting Languages
        
        PHP
        
        ModPerl
        
        TCL
        
        Ruby
      - Languages
        
        C
        
        C++
        
        Fortran
        
        VB
    - XSS (Cross Site Scripting)
    - SUEXEC
    - Encryption
      - SSL
      - Other methods
  - Design Lab
Information Gathering
- Public Website Information
  - Whois
  - Searching for information about a website
    - IP and Ports
    - Basic understanding of what the website does
      - Search Engine
      - Database Frontend
      - Application
- Information Gathering Lab
Fingerprinting
- Port Scanners (nmap)
- Port and Application Scanners (nessus)
- Fingerprinting Lab
Code Vulnerability Basics
- Vulnerabilities in code
  - Architectural Flaws
  - Design Flaws
  - Code Flaws
- Code Lab
Scanning and Assessment
- Is there dynamic content?
  - Which backend tool is in use
    - Header output inspection
    - Webpage inspection
- Assessment Labs

Enumeration of Possible Weak Points

Designing an attack
- Use enumeration and understanding of how the code works
- Think outside the box
Design Labs

Penetration

Crafting Attacks
Techniques w/Nessus
Penetration Labs

Other Issues

Mandatory Access Controls
Enhanced Encryption