WAPT

WEB APPLICATION PENETRATION TESTING

SYLLABUS

What you will learn

◯ The learning path covers workstation setup, including installation and configuration of Burp Suite with the Firefox web browser. Certificate installation and proxy configuration are covered so that newcomers can start pentesting immediately.
◯ The course focuses on the OWASP Top Ten vulnerabilities. Many real-world vulnerabilities are showcased for each of the ten topics, and various demos show how to solve related challenges in PortSwigger's Web Security Academy.
◯ It covers a variety of pentesting tools and Burp extensions such as Turbo Intruder, Intruder File Payload Generator, SQLMap and many more.
◯ The course closes out the learning path with pentesting advice, a path recap and a look at the final project.

Introduction
◯ Introduction to the course
◯ How to get the most out of the course
◯ Resources you will need for the course
◯ What is WAPT?

Introduction to Web Applications
◯ What is a web application?
◯ History of web applications
◯ Existing problems and challenges in present-day web applications
◯ Overview of web application defences

Basics
◯ How a web application works
◯ Architecture of web applications
◯ Basics of HTML, CSS and JavaScript
◯ Basics of any server-side language (PHP/J2EE/ASP.NET)

HTTP Protocol
◯ Overview of RFC 2616
◯ HTTP messages and entities
◯ HTTP request, HTTP response
◯ HTTP status codes
◯ Various types of encoding schemes

Web Servers and Clients
◯ IIS Server, Apache Server and other servers
◯ Browsers
◯ Browser's same-origin policy
◯ Other web-enabled clients

Types of Web Application Security Testing
◯ Black box testing, white box testing and grey box testing
◯ Vulnerability assessment vs penetration testing
◯ Infrastructure and application admin interfaces
◯ Web application penetration test scope and process
◯ Legalities of the VAPT

Reconnaissance
◯ Footprinting domain details (whois) - Technicalinfo.net
◯ OS and service fingerprinting - Netcraft.com, banner grabbing, HTTPprint
◯ Google hacking
◯ Load balancer identification
◯ Spidering a web site (wget, Burp Spider)

Server-side and Client-side Security Controls
◯ Input validation and output validation (encoding)
◯ Insufficient input and output validation
◯ Validation approaches
◯ Bypassing server-side validation

Mastering Burp Suite
◯ Introduction to Burp Suite
◯ Configuring Burp Suite
◯ Burp Proxy, Burp Spider, Burp Intruder, Burp Repeater, Burp Sequencer

Injections
◯ SQL injection, blind SQL injection, command injection, LDAP injection, XPath injection, other injections
◯ Implications of injections
◯ Test methodology for injections
◯ Remediation

Cross-site Scripting
◯ Reflected XSS, stored XSS, DOM XSS
◯ Implications of XSS
◯ Test methodology for XSS
◯ Remediation

Cross-site Request Forgery
◯ CSRF with GET method
◯ CSRF with POST method
◯ Implications of CSRF
◯ Test methodology for CSRF
◯ Remediation

Authentication Testing
◯ Guessable passwords
◯ Failure messages
◯ Brute forcing login
◯ Plain-text password transmission
◯ Improper implementation of forgot-password functionality
◯ Remember Me functionality
◯ Guessable user names
◯ Multi-factor authentication flaws
◯ Fail-open login mechanisms
◯ Insecure storage of credentials
◯ Remediation

Brute Force Web Applications
◯ Brute force authentication
◯ Brute force authorization
◯ Brute force web services
◯ Brute force web server

Parameter Manipulation
◯ Query string manipulation
◯ Form field manipulation
◯ Cookie manipulation
◯ HTTP header manipulation

Authorization Testing
◯ Introduction to authorization
◯ Implementation weaknesses in authorization
◯ Horizontal privilege escalation
◯ Vertical privilege escalation
◯ URL-, form- and cookie-based escalation

Firefox Security Add-ons
◯ Tamper Data
◯ SQL Inject Me
◯ XSS Me
◯ Firebug
◯ Live HTTP Headers
◯ FoxyProxy
◯ Web Developer

Automated Scanners
◯ Acunetix, Netsparker, Burp Scanner
◯ Effectiveness of automated tools
◯ Reduction of false positives and false negatives

SSL and Configuration Testing
◯ Testing SSL/TLS ciphers
◯ Testing SSL certificate validity - client and server
◯ Infrastructure and application admin interfaces
◯ Testing for HTTP methods
◯ Testing for file extension handling
◯ Old, backup and unreferenced files
◯ Application configuration management testing

Session Management Testing
◯ Need for session and state
◯ Ways to implement state
◯ How session state works
◯ What are cookies
◯ Common cookie and session issues
◯ Man in the middle