Professional Documents
Culture Documents
ETHICAL HACKING PP
LIC
AT I O N S E
CU
RI
A
TY
Certified Application
C E RT I F I E D
TESTER •
Security Tester (CAST)
•
ET
HI G
C AL IN
H AC K
To find out if our cyber training is right for you, and to make a booking,
contact our education team on 01763 285 285 or email education@7safe.com
COURSE OUTLINE
ETHICAL HACKING PP
LIC
AT I O N S E
CU
RI
A
TY
Certified Application
C E RT I F I E D
TESTER •
Security Tester (CAST)
•
ET
HI G
C AL IN
H AC K
SYLLABUS
1. Introduction to web 6. Web/application server issues 13. SQL injection
applications a. IIS/Apache/OpenSSL exploitation a. Introduction to SQL injection
a. HTTP protocol b. Oracle application server exploits b. Impact: Authentication bypass
b. Authentication (bypass exclusion list etc) c. Impact: Extracting data
c. Authorisation c. Insecure HTTP methods (Blind SQL Injection, UNION
d. Cookies d. WebDAV issues injection, OOB channels)
d. OS code execution (MS-SQL,
2. Authentication 7. Cross-site scripting MySql)
a. Types of authentication a. Types of XSS e. SQL injection within stored
b. Clear text HTTP protocol b. Identifying XSS procedures, parameterised
c. Advanced username c. Exploiting XSS statements
enumeration/brute force issues d. Secure cookie, HTTP-only f. Places where you never thought
d. Security through obscurity SQLI could occur
8. Advanced XSS g. Pitfalls in defending SQL injections
3. Authorisation a. Advanced XSS exploitation h. Fixing SQL Injections
a. Session management issues b. Pitfalls in defending XSS
b. Weak ACLs c. Fixing XSS 14. Malicious file uploads
c. Cookie analysis a. File uploads
9. Cross-site request forgery b. IIS zero-day
4. SSL misconfigurations a. Identifying/exploiting CSRF c. Hacking unprotected application
a. Attacks on SSL b. Complicated CSRF with POST servers
b. TLS renegotiation requests
c. MD5 collisions c. CSRF in web services 15. Vulnerable flash applications
d. Impact
5. Security
problems with thick e. Fixing CSRF 16. Business logic bypass
client applications a. Authentication bypass
a. Insecure design 10. Session fixation b. Insecure coding
b. Echo Mirage, MiTM, a Cookie fixation c. Other logical flaws
replaying traffic etc. b. Faulty log-out functionalities
17. OS code execution
11. CRLF injection
a. Proxy poisoning 18. Remote/local file inclusion
7Safe
b. XSS with CRLF injection a. File inclusion
Global Innovation
and Technology Centre
b. OS code execution
Melbourn 12. Clickjacking
Herts, SG8 6DP a Impact of clickjacking and proof 19. Direct object reference
United Kingdom of concept
tel: +44(0) 1763 285 285
education@7safe.com
www.7safe.com
To find out if our cyber training is right for you, and to make a booking,
contact our education team on 01763 285 285 or email education@7safe.com