Web Penetration Testing Training in Folsom
Enroll in or hire us to teach our Web Penetration Testing class in Folsom, California by calling us @303.377.6176. Like all HSG
classes, Web Penetration Testing may be offered either onsite or via instructor led virtual training. Consider looking at our public training schedule to see if it
is scheduled: Public Training Classes
Provided there are enough attendees, Web Penetration Testing may be taught at one of our local training facilities.
We offer private customized training for groups of 3 or more attendees.
|
||
Course Description |
||
This course provides students with a solid foundation on penetration
testing as it applies to web applications. Those looking to identify
how to perform a Penetration Test against web applications and present
findings to a customer/employer in a professional manner.
Course Length: 2 Days
Course Tuition: $690 (US) |
Prerequisites |
|
Basic understanding of web development concepts. Some development experience is suggested |
Course Outline |
Penetration Testing and Setup
Web application Penetration Testing concepts
Penetration Testing methodology
Reconnaissance
Reconnaissance objectives
Initial research
Company website
Web history sources
Regional Internet Registries (RIRs)
Electronic Data Gathering, Analysis, and Retrieval (EDGAR)
Social media resources
Trust
Job postings
Location
Google hacking
Google Hacking Database
Researching networks
Server Side Attacks
Vulnerability Assessment
Exploitation
Exploiting e-mail systems
Brute-force attacks
Cracking passwords
Man-in-the-middle
Client-side Attacks
Social engineering
Social Engineering Toolkit (SET)
MitM Proxy
Host scanning
Obtaining and cracking user passwords
Password Cracking Tools
Attacking Authentication
Attacking session management
Hijacking web session cookies
Web session tools
SQL Injection
Cross-site scripting (XSS)
Testing cross-site scripting
XSS cookie stealing / Authentication hijacking
Other tools
Web Attacks
Browser Exploitation Framework – BeEF
FoxyProxy – Firefox plugin
BURP Proxy
OWASP – ZAP
SET password harvesting
Fimap
Denial of Services (DoS)
Low Orbit Ion Cannon
Other tools
Defensive Countermeasures
Testing your defenses
Mirror your environment
Man-in-the-middle defense
Denial of Service defense
Cookie defense
Clickjacking defense
Digital forensics
Penetration Test Executive Report
Compliance
Industry standards
Professional services
Documentation
Report format
Statement of Work (SOW)
|
Course Directory [training on all levels]
Technical Training Courses
Software engineer/architect, System Admin ... Welcome!
- .NET Classes
- Agile/Scrum Classes
- Ajax Classes
- Android and iPhone Programming Classes
- Blaze Advisor Classes
- C Programming Classes
- C# Programming Classes
- C++ Programming Classes
- Cisco Classes
- Cloud Classes
- CompTIA Classes
- Crystal Reports Classes
- Design Patterns Classes
- DevOps Classes
- Foundations of Web Design & Web Authoring Classes
- Git, Jira, Wicket, Gradle, Tableau Classes
- IBM Classes
- Java Programming Classes
- JBoss Administration Classes
- JUnit, TDD, CPTC, Web Penetration Classes
- Linux Unix Classes
- Machine Learning Classes
- Microsoft Classes
- Microsoft Development Classes
- Microsoft SQL Server Classes
- Microsoft Team Foundation Server Classes
- Microsoft Windows Server Classes
- Oracle, MySQL, Cassandra, Hadoop Database Classes
- Perl Programming Classes
- Python Programming Classes
- Ruby Programming Classes
- Security Classes
- SharePoint Classes
- SOA Classes
- Tcl, Awk, Bash, Shell Classes
- UML Classes
- VMWare Classes
- Web Development Classes
- Web Services Classes
- Weblogic Administration Classes
- XML Classes
Business Training Courses
Project Managers, Business Analysts, Paralegals ... Welcome!
Upcoming Classes
Gain insight and ideas from students with different perspectives and experiences.