CERTIFIED WEB APPLICATION HACKING SECURITY

COURSE DESCRIPTION

Web Application Hacking and Security has challenges derived from the iLab environments of EC-Council – from Certified Ethical Hacker (CEH) to the Certified Penetration Testing Professional (CPENT); from Certified Application Security Engineer (CASE) .Net to Java. But Web Application Hacking and Security goes beyond this to more difficult scenarios as you advanced through each problem.

Web Application Hacking and Security is like Capture-The-Flag (CTF) competitions meant to test your hacking skills. But you can keep on trying until you achieve the goal. Test your skills and work alone to solve complex problems or follow the instructor as he does walkthroughs to help you learn Web Application Hacking and Security.

WHAT WILL YOU LEARN?

You will learn about application vulnerabilities and web application hacking. Even though this will prove useful for other CTF contests, and in cracking VVMs, it will be even more useful to your career as you learn to defend your applications and progress to Web Application Hacking and Security.
• Advanced Web Application Penetration Testing
• Advanced SQL Injection (SQLi)
• Reflected. Stored and DOM-based Cross Site Scripting (XSS)
• Cross Site Request Forgery (CSRF)-GET and POST Methods
• Server-Side Request Forgery (SSRF)
• Security Misconfigurations
• Directory Browsing/Bruteforcing
• CMS Vulnerability Scanning
• Network Scanning
• Auth Bypass
• Web App Enumeration
• Dictionary Attack
• Insecure Direct Object Reference Prevention (IDOR)
• Broken Access Control
• Local File Inclusion (LFI)
• Remote File Inclusion (RFI)
• Arbitrary File Download
• Arbitrary File Upload
• Using Components with Known Vulnerabilities
• Command Injection
• Remote Code Execution
• ► File Tampering
• ► Privilege Escalation
• ► Log Poisoning
• ► Weak SSL Ciphers
• ► Cookie Modification
• ► Source Code Analysis
• File Tampering
• Privilege Escalation
• Log Poisoning
• Weak SSL Ciphers
• Cookie Modification
• Source Code Analysis
• HTTP Header modification
• Session Fixation
• Clickjacking

WHO SHOULD ATTEND?

If you are tasked with implementing, managing, or protecting web applications, then this course is for you. If you are a cyber or tech professional who is interested in learning or recommending mitigation methods to a myriad of web security issues and want a pure hands-on program, then this is the course you have been waiting for.
• Penetration Tester
• Ethical Hacker
• Web Application Penetration Tester
• Security Engineer/Auditor
• Red Team Engineer
• Information Security Engineer
• Risk/Vulnerability Analyst
• Vulnerability Manager
• Incident Responder

COURSE CONTENT

100% hands-on lab-based learning about application vulnerabilities and web application hacking. The course provided the challenger with the ability to follow an instructor as they make their way through the challenges.

EXAM OVERVIEW

A fully online, remotely proctored practical exam that challenges candidates through a grueling 6-hour performance-based, hands-on exam. The exam assesses candidates’ skills and proficiencies on a broad spectrum of OWASP Top-10 web application vulnerabilities and attack vectors. The assessment is not limited to only the understanding of automated exploitation frameworks but requires a deep understating of various web application technologies, their inherent and acquired
vulnerabilities, and manual exploitation techniques.
• Exam TITLE: WAHS
• Duration: 6 hours
• Availability: ECC Exam Portal

For FULL COURSE OUTLINE, please contact us. Please contact us for the schedules and for booking a private class.

Inquire Now