Select course by Certification/Exam Body or by Topic Below

CRPT Web Application – Course Overview

The C-Registered Penetration Tester – Web Application (CRPTWA) program takes students of varying IT experience levels and re-skills them so that they can enter the industry not as a trainee but as qualified Penetration Tester making them productive from day one.

This in-depth, hands-on, week Long course will take you into a rewarding and lucrative career in the Cyber Security world.

Objectives:

To help you forge a successful career within this sector we will thoroughly prepare you to gain two (2) of the most relevant, in-demand, industry recognized qualifications; which are:

+ CREST Practitioner Security Analyst (CPSA)
+ CREST Registered Penetration Tester (CRT)

Course Style:

The training combines Instructor led, Virtual Instructor led, and self-paced e-Learning modules. This “blended learning” approach integrates classroom, hands-on lab exercises and project teamwork to provide both the theoretical and practical training needed to make individuals Cyber Security professionals.

The course will allow our students to leave as sought-after professionals, well-equipped with the in-demand job skills and certifications needed to be employed as technically well rounded professionals in any Cyber Security team.

Course Structure

Step 1 – You meet the pre-requisite requirements (see below)
Step 2 – Receive 2 weeks of instructor lead training.
Step 3 – Enrolled Delegates are issued with a Pearson VUE exam voucher for CPSA exam
to be taken anytime.
Step 4 – Delegates are given access to our iLab services for 30 days.
                The instructor is contactable be email to support practical classes & exercises.
Step 5 – The iLab will give delegates continued access to the learning environment to
practice all the skills you have been taught on the course.
Step 6 – Take the CRT exam at a Crest testing centre near you.

The Penetration tester course will allow our students to leave as sought-after professionals, well-equipped with the in-demand job skills and certifications needed to be employed as technically well rounded professionals in any Cyber Security team.

   11000+ Trained Globally- including FTSE 250
   Classroom based small, highly interactive sessions.
   Widest range of Cyber courses – Select on your exact needs.
   The best content developed by qualified professionals.
   Great value – Exceptional quality at a great price.
ISACA
EC-Council
British Computer Society
PECB
CREST

Book Your Course

Not sure which course is right for you?

Call us on 020 8840 4496 and we’ll help you try and find the best course for you.

Date Location Price Course Booking
Sep 25-29, 2017 London-Ealing Click here -->
Nov 13-17, 2017 London-Ealing Click here -->

Email us for best price!

Course Syllabus

  • Introduction to web application security
  • Various attacks on web applications
  • Web application attack statistics (Verizon DBIR, AKAMAI state of the Internet report, White Hat security

Web technologies and concepts

  • History
  • Multi-tier architecture
  • Web technologies concepts
  • HTTP protocol
  • Encoding
  • HTTP protocol methods
  • HTTP protocol status codes
  • Cookies
  • Cookie protection
  • HTML
  • XML
  • SOAP
  • Parameter tampering concepts
  • OWASP: Top 10
  • OWASP: Testing guide
  • OWASP: ESAPI
  • Various web debugger proxy tools
  • LAB: Burp proxy (FREE edition) parameter tampering
  • LAB: Burp proxy (FREE edition) Crawling
  • LAB: Burp proxy (FREE edition) Using Repeater and Intruder
  • LAB: ZAP proxy automated scanning

Web application frameworks

  • NET / Silverlight (NOT TO BE USED ANYMORE)
  • LAB: Decompiling Silverlight application
  • PHP
  • Java
  • LAB: Decompiling Java application
  • Flash
  • LAB: Decompiling Flash application

Web servers concepts and differences

  • MS IIS
  • Apache
  • Tomcat
  • Web server vulnerabilities
  • LAB: Hacking Tomcat server

Bypassing client side controls

  • Parameter tampering
  • Client side attacks
  • DEMO: Client side attack example (DLL hijacking)
  • Hidden form fields
  • Session cookies and cookie protection
  • DEMO: Cookie analysis
  • URL parameters
  • Referrer header
  • LAB: Cookie analysis and parameter tampering
  • How to defend against this type of attacks

Authentication attacks

  • Authentication/Authorization concepts
  • Authentication methods: Basic
  • Authentication methods: Digest
  • Authentication methods: Integrated Windows
  • Authentication methods: Form based
  • Authentication methods: Client certificate
  • LAB: Analysing various authentication types
  • LAB: Password cracking with burp
  • LAB: Password cracking with hydra
  • How to defend against this type of attacks

Design/Implementation flaws

  • Bad passwords
  • Authentication susceptible to Brute-force
  • Verbose failure messages
  • Unprotected transmission of credentials
  • Change and forgotten password functionality
  • Remember me functionality
  • User impersonation functionality
  • How to defend against this type of attacks

OWASP TOP 10: Injection (A1)

  • SQL injection explained
  • DEMO: SQLi (simple, complex, automated)
  • LAB: SQLi simple
  • LAB: from SQLi to reverse shell
  • LAB: SQLi automation using SQLMap tool
  • LDAP injection explained
  • OS command injection explained
  • LAB: from OS command injection to shell
  • How to defend against this type of attacks

OWASP TOP 10: XSS/CSRF (A3/A8)

  • Cross Site Scripting types explained
  • DEMO: stored and reflected XSS
  • LAB: simple reflected XSS
  • LAB: cookie stealing using XSS
  • LAB: from XSS to shell using BeeF (Browser Exploitation toolkit)
  • How to defend against this type of attacks

OWASP TOP 10: Broken authentication and session management (A2)

  • Session management and vulnerabilities
  • Cookie weaknesses
  • Cookie stealing techniques
  • DEMO: Trace.axd, Elmah.axh

Other common web application vulnerabilities

  • DoR (Direct Object references)
  • LAB: DoR
  • How to defend against this type of attacks
  • File inclusion: local (LFI)
  • File inclusion: remote (RFI)
  • Directory traversal
  • Null byte attacks
  • DEMO/LAB: LFI, RFI with directory traversal
  • File upload issues
  • DEMO: from image to root in few minutes
  • LAB: from image to root

Microsoft SQL server

  • Common attack vectors
  • Privilege escalation through database connection
  • DEMO: MS SQL server EoP through database connection

Oracle RDBMS

  • Common attack vectors
  • Oracle default accounts
  • Version identification
  • DEMO: ORACLE RDBMS version identification and default user accounts

MySQL

  • Common attack vectors
  • Privilege escalation through database connection
  • DEMO: MySQL UDF exploit

Web application database connectivity

  • MS SQL server authentication methods and connection
  • Oracle server authentication methods and connection
  • MySQL server authentication methods and connection
  • MS Access authentication methods and connection

BoF (Buffer overflow)

  • Computer architecture and Assembly language intro
  • BoF attacks and examples (stack, SEH)
  • DEMO: Simple stack BoF from fuzzing to exploit
  • DEMO: Simple stack SEH BoF exploit
  • HOMEWORK: Simple stack BoF from fuzzing to exploit
  • BoF protection techniques

Additional Information

Prerequisites

Virtualization

using VMware, Virtual box, Hyper-V – at least one of mentioned platforms

being able to create and use VMs, configure networking (bridge, NAT) in abovementioned platforms

understand that VMs can be converted from one platform to another

Networking

being able to configure IP settings on various windows and Linux OSs

being able to configure routing and manipulate routing tables on windows and Linux OSs

understanding basic troubleshooting tools and being able to fix troubleshoot networking issues related to IP, DNS, DG,

Operating System

being able to perform software installation, uninstallation, OS updates at least on windows and preferably Linux OSs

know how to create users and add users to groups at least on widows and preferably Linux OSs

being able to troubleshoot computer boot issues

Hardware

Know how to enter the BIOS and modify various settings

Understand boot sequence and preferably BIOS POST procedure

General knowledge

general computer user knowledge related to:

Internet browsing,

file copy and paste

file permissions

command line tools usage and understanding on command vs. switches

compression tool usage

good understanding on different file types on windows and what to do with them

Soft skills

Being able to work in a stressful situations

Being able to learn without supervision

Being able to think out of the box

Who should attend

This training is intended for individuals who wish to have a rewarding and lucrative career in the Cyber Security world.

We Accept

Course List