Web Application Penetration Testing

Web Application Penetration Testing is a method of evaluating the security of a Web Applications by methodically validating and verifying the effectiveness of application security controls. It focuses only on evaluating the security of a web application. The process involves an active analysis of the application for any weaknesses, technical flaws, or vulnerabilities.The OWASP Web Application Security Testing method is based on the black box approach. The tester knows nothing or has very little information about the application to be tested.

Course Description

Web applications are an integral part of today's world and web applications are there in nook and cranny of any organization from human resource management to share market. So its imperative that security of these applications plays an important of the business hence our course. In this in-depth, hands-on training course you will learn the art of exploiting and securing the web applications.

You will learn from basics of web applications to the advanced attacks which range from SQL Injection to web services hacking. This course will also help you learn methodological way of testing complex web applications starting from reconnaissance to the VAPT report creation, and all these with the help of state of the art the tools.

DURATION : 40 hours
Batches: Week-End Batches available.

Course Outline

  • Introduction To Web application
  • Basics
  • HTTP Protocol
  • Web servers and clients
  • Server-side and Client-side security controls
  • Types of web application security testing
  • Reconnaissance
  • Burpsuite,OWASP ZAP
  • Injections
  • Cross-site Scripting
  • Cross-site Request Forgery
  • Authentication Testing
  • Authorization Testing
  • Session Management
  • Security Misconfiguration
  • Missing functional level access controls
  • SSL & Configuration testing
  • Session Management testing
  • Brute force web applications
  • Parameter Manipulation
  • Other Attacks
  • Web application Penetration Testing Tools
  • Samurai WTF
  • Firefox security Add-ons
  • VAPT Methodologies
  • Documentation & Reporting
entersoftlabs-logo
                 

95.5% of our students passed in first attempt of RHCE and with second(free) attempt 99% of students passed so far.

Entersoftlabs trained 500+ students as Certified Ethical Hackers, highest ever by any organization in the country. Entersoft labs trained over 400+ RHCEs in an year fastest ever by any organization in asia in its first year of operations. Quality is our motto and its helping our students to pass certifications with out any issues.


© 2013 Entersoftlabs Inc. All rights reserved.