Download Ultimate Hacking: Web Course Description

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
Document related concepts
no text concepts found
Transcript 
Course Description
Ultimate
Hacking: Web
Foundstone® Services Training Course
With every application that an organization brings online or ecommerce
business that goes live, malicious hackers are waiting to attack. This course
provides security professionals with the knowledge and tools to recognize
software vulnerabilities, develop countermeasures, and perform ongoing
assessments of Internet-facing applications. In a hands-on setting, our
instructors offer demonstrations on how attackers can access corporate
information with little more than a web browser.
Course Goals
■■
■■
Identify and respond to web
attacks.
Identify and respond to data
validation attacks.
Agenda At A Glance
■■
Web Technology and Testing Tools
■■
Data Validation Attacks
■■
Other Web Attacks
■■
■■
Work with authorization and
vulnerability scanning.
Authorization, Non-Browser Clients,
and Automated Scanners
Audience
■■
System and network
administrators, corporate
security personnel, auditors,
law enforcement officers,
and consultants responsible
for investigating malware
outbreaks or network
investigations.
Course Description
Recommended Pre-Work
Basic understanding of UNIX, Windows OS,
computer forensics, and TCP/IP networking is
required for the course to be fully beneficial.
Module 3—Other Web Attacks
Information Disclosure
■■
■■
Authentication
■■
User Management
Course Outline
■■
Session Management
Module 1—Web Technology and Testing Tools
Preparation and Planning
■■
Other Injection Attacks
■■
■■
HTTP Overview
■■
Profiling the Environment
Module 4—Authorization, Non-Browser
Clients, and Automated Scanners
Authorization
■■
■■
Module 2—Data Validation Attacks
Parameter Manipulation
■■
■■
■■
Cross-Site Scripting
■■
Data Validation
■■
SQL Injection
■■
Other Browser Attacks
To order, or for further
information, please call
1 888 847 8766 or email
[email protected].
■■
Other Clients
Automated Web Application
Vulnerability Scanning
Wrap-Up/Methodology
Intel and the Intel and McAfee logos and Foundstone are trademarks of Intel Corporation or McAfee, Inc. in the US and/or other countries. Other marks
and brands may be claimed as the property of others. Copyright © 2016 Intel Corporation. 62308crs_ult-hacking-web_0316
McAfee. Part of Intel Security.
2821 Mission College Boulevard
Santa Clara, CA 95054
888 847 8766
www.intelsecurity.com
Related documents
No Slide Title
No Slide Title
Honeynet Project
Honeynet Project
Systems Security
Systems Security
home1
home1
APT-Tactics
APT-Tactics
Research Areas - The George Washington University
Research Areas - The George Washington University
dos_nanog
dos_nanog
Introduction - Personal Web Pages
Introduction - Personal Web Pages
Heart Attack - Coffee Regional Medical Center
Heart Attack - Coffee Regional Medical Center
Distributed Denial of Service (DDoS)
Distributed Denial of Service (DDoS)
Raz-Lee Solution Brief
Raz-Lee Solution Brief
Discovering Concrete Attacks on Website Authorization by Formal
Discovering Concrete Attacks on Website Authorization by Formal