Web Application Penetration Testing
Module 0: Introduction
1. Introduction to the course.
2. How to get most out of the course
3. Resources you will need for the course
4. What is WAPT?
Module 1: Introduction to Web Applications
1. What is a web application?
2. History of Web-Applications
3. Existing problems and challenges in present web applications
4. Overview of web application defences
Module 2: Basics
1. How a web application works
2. Architecture of web applications
3. Basics of HTML
4. Basics of CSS
5. Basics of JavaScript
6. Basics of any server-side language (PHP/J2EE/ASP.NET)
Module 3: HTTP Protocol
1. Overview of RFC 2616
2. HTTP Messages & Entities
3. HTTP Request
4. HTTP Response
5. HTTP Status Codes
6. Various types of encoding schemes
Module 4: Web servers and clients
1. IIS Server
2. Apache Server
3. Other Servers
4. Browsers
5. Browser’s same origin policy
6. Other Web enabled Clients
Module 5: Server-side and Client-side security controls
1. Input Validation
2. Output validation (encoding)
3. Insufficient input & output validations
4. Validation approaches
1. Whitelist approach
2. Blacklist approach
5. Bypass thin/thick (decompiled) client validations
1. Flash
2. Java
6. Leveraging Ajax and Web 2.0 in attacks
7. Bypass Server-side validations
Module 6: Mastering Burp Suite
1. Introduction to Burp Suite
2. Configuring Burp Suite
3. Burp proxy
4. Burp Spider
5. Burp Intruder
6. Burp Repeater
7. Burp Sequencer
Module 7: Injections
1. SQL Injection
2. Blind SQL Injection
3. Command Injection
4. LDAP Injection
5. XPATH Injection
6. SOAP Injection
7. File Includes
8. Other Injections
9. Implications of Injections
10. Test methodology for injections
11. Remediations
Module 8: Cross-site Scripting
1. Reflected XSS
2. Stored XSS
3. DOM XSS
4. Implications of XSS
5. Test Methodology for XSS
6. Remediations
Module 9: Cross-site Request Forgery
1. CSRF with GET method
2. CSRF with POST method
3. Implications of CSRF
4. Test methodology for CSRF
5. Remediations
Module 10: Authentication testing
1. Introduction to Authentication
2. Guessable Passwords
3. Failure Messages
4. Brute forcing login
5. Plain text password transmission
6. Improper implementation of forgot password functionality
7. Remember Me Functionality
8. Guessable usernames
9. Multi-factor authentication flaws
10. Fail-Open Login Mechanisms
11. Insecure Storage of Credentials
12. Remediations
1. Use Strong Credentials
2. Transmit the credentials securely
3. Log, Monitor, and Notify
Module 11: Authorization testing
1. Introduction to authorization
2. Implementation weaknesses in authorization
3. Horizontal privilege escalation
4. Vertical privilege escalation
5. URL, Form, cookie based escalation
Module 12: Types of web application security testing
1. Black box testing
2. White box testing
3. Grey box testing
4. Vulnerability Assessment vs Penetration testing
5. Web application penetration test scope and process
6. Legalities of the VAPT
Module 13: Reconnaissance
1. Footprinting domain details (whois) - Technicalinfo.net
2. OS and service fingerprinting - Netcraft.com, banner grabbing, HTTPprint
3. Google hacking
4. Load balancer Identification
5. Spidering a web site (wget, Burp spider)
6. Application flow charting
7. Relationship analysis within an application
8. Software configuration discovery
Module 14: SSL & Configuration testing
1. Testing SSL / TLS cipher
2. Testing SSL certificate validity – client and server
3. Infrastructure and Application Admin Interfaces
4. Testing for HTTP Methods and XST
5. Testing for file extensions handling
6. Old, Backup and Unreferenced Files
7. Application Configuration Management Testing
Module 15: Session Management testing
1. Need for session and state
2. Ways to implement state
3. How session state works
4. What are cookies
5. Common Cookies and Session Issues
a. Attacks on Cookies and Session
1. Session hijacking
2. Session Fixation
3. Session replay
4. Man in the middle
b. Cookie / session security
1. HttpOnly
2. X-Frame-Options
3. Use of SSL
Module 16: Brute force web applications
1. Brute force authentication
2. Brute force Authorization
3. Brute force web services
4. Brute force web server
5. Brute force .htaccess
Module 17: Parameter Manipulation
1. Query string manipulation
2. Form field manipulation
3. Cookie manipulation
4. HTTP header manipulation
Module 18: Other Attacks
1. Sniffing
2. Phishing
3. Vishing
4. D(D)oS Attacks
5. Unvalidated Redirects and Forwards
Module 19: Samurai WTF
1. Introduction to Samurai WTF
2. Various Tools in Samurai WTF
3. Nikto
4. w3af
5. BeEF Framework
6. Fuzzing and JBroFuzz
7. DirBuster
8. Netcat
9. Brutus and Hydra
10. Overview of various Proxies (zed, rat, paros, webscarab)
Module 20: Firefox security Add-ons
1. Tamper Data
2. SQL inject me
3. XSS me
4. Firebug
5. Live HTTP headers
6. Foxy Proxy
7. Web Developer
Module 21: Automated Scanners
1. Acunetix
2. IBM App Scan
3. Burp Scanner
4. Effectiveness of Automated tools
5. Reduction of False positives and false Negatives
Module 22: VAPT Methodologies
1. OWASP
2. SANS 25
3. WAHH
4. OWASP Check-list
Module 23: Reporting
1. Importance of documentation
2. OWASP Risk rating methodology
3. Creating managerial, technical VAPT reports
4. Open reporting standards