Application Security Assessment
€2750, offered by Tailor IT Training
Module 1: Introduction
Intro to Penetration Testing
- What is Penetration Testing
- Why Penetration Testing
Methodologies
- Black-box Test
- Grey-box Test
- White-box Test
Determine the scope:
- Whom do you test for
- Why are you testing
- What is your target
Legal
- "out of jail" card
Module 2: Passive Techniques
Information Gathering I
- Spider, Robots and Crawlers
- Search Engine Discovery/Reconnaissance
Information Gathering II
- Identify application entry points
- Testing for Web Application Fingerprint
Information Gathering III
- Application Discovery
- Analysis of Error Codes
Module 3: Pentest I, Configuration Management
- SSL/TLS
- DB Listener
- Infrastructure Configuration Management
- Application Configuration Management
- File Extensions Handling
- Old, Backup and Unreferenced Files
- Infrastructure and Application Admin Interfaces
- HTTP Methods and XST
Module 4: Pentest II, Business Logic
- Business rules, limits and restrictions
- Business scenarios
- Workflow
- Different user roles
- Different groups or departments
- Permissions of various user roles and groups
- Privilege table
- Developing and execution of logical tests
Module 5: Pentest III, Authentication
- Credentials transport over an encrypted Channel
- User enumeration
- Guessable (dictionary) user account
- Brute Force
- Bypassing Authentication Schema
- Vulnerable Remember Password and Password Reset
- Logout and Browser Cache Management
- CAPTCHA
- Multi-Factor Authentication
- Race Conditions
Module 6: Pentest IV, Authorization
- Path Traversal
- Bypassing Authorization Schema
- Privilege Escalation
Module 7: Pentest V, Session Management
- Session Management Schema
- Cookies attributes
- Session Fixation
- Exposed Session Variables
- CSRF
Module 8: Pentest VI, Data Validation
- Cross-Site Scripting (reflected, stored, DOM-based, Cross-Site Flashing)
- SQL Injection (different databases, out of band, blind)
- LDAP Injection
- ORM Injection
- XML Injection
- SSI Injection
- XPath Injection
- IMAP/SMTP injection
- Code Injection
- OS Commanding
- Buffer Overflow (Heap / Stack overflow, Format string)
- Incubated vulnerability
- HTTP Splitting/Smuggling
Module 9: Pentest VII, Denial of Service (DoS)
- SQL Wildcard Attacks
- Locking Customer Accounts
- User Specified Object Allocation
- User Input as a Loop Counter
- Writing User Provided Data to Disk
- Failure to Release Resources
- Storing too Much Data in Session
Module 10: Pentest VIII, Web Services
- WS Information Gathering
- WSDL
- XML Structure
- XML Content-Level
- HTTP GET parameters / REST
- SOAP attachments
- Replay
Module 11: Pentest IX, Ajax
Module 12: Reporting
- Value the Real Risk
- Writing the Report
- Executive Summary
- Technical Management Overview
- Assessment Findings
- Delivering a report
Module 13: How to continue