Course Outline:

Web applications play a vital role in every modern organization. But, if your organization does not properly test and secure its web apps, adversaries can compromise these applications, damage business functionality, and steal data. Unfortunately, many organizations operate under the mistaken impression that a web application security scanner will reliably discover flaws in their systems. Through this course, students/professionals will come to understand major web application flaws and their exploitation and, most importantly, learn a field-tested and repeatable process to consistently find these flaws and convey what they have learned to their organizations. Even technically gifted security geeks often struggle with helping organizations understand risk in terms relatable to business. Much of the art of penetration testing has less to do with learning how adversaries are breaking in than it does with convincing an organization to take the risk seriously and employ appropriate countermeasures.

Course Contents:

1. Introduction to Application Security

  • What is IT-Security?
  • Dealing with IT security
  • Definition: Application Security
  • Defense in Depth

2. Build your security testing environment!

  • Getting started in virtual machines.
  • Installing Kali Linux OS in virtual machine.

3. Application Security Risks and Vulnerabilities

4. Widespread Attacks and Vulnerabilities

5. Introduction to Web Application Security Testing Tools

Let's have a bit of fun!

  • Footprinting with Nmap and external resources.
  • SQL Injection.
  • Brute-forcing methods for cracking passwords.
  • Reverse shells. Gain remote control of any device!
  • Intro to Metasploit and reverse shells. What are reverse shells and why use them
  • Metasploit ( reverse shell ) part 2 starting from a two terminal setup.
  • Making reverse shells persistent on another system and escalating privileges.
  • Creating a persistent reverse shell with Metasploit.

Teaching Faculty:

Mr.Harikrishnan D,

QA Engineer,
SPAN Technology Services Private Limited.

Who can Attend:

  • Any IT Professional can take this course to understand the Importance of Security for Web sites
  • Penetration testers
  • Web Developers
  • IT admins and staff
  • Anyone who wants to learn websites / web applications hacking
  • If you are hoping to be a better network administrator, you can use this course to learn how to secure networks and protect assets.

Duration and Venue:

August 18th Saturday (9.30 AM - 3.30 PM)

Paruv Digital Services,
No.2A, Shringar Nagar Extn,
II Cross East, Bharathi Colony,
Peelamedu, Coimbatore - 641 004.

Workshop Fee:

The Workshop Fee will be 300 for Students.

The Workshop Fee will be 500 for Professionals.

Accomodation:

Not Applicable