HBN Reloaded : Developer

There’s a web application for most parts of our Internet lives and to a degree, our daily lives. With this large surface area, there’s no doubt that they are often the entry point for most breaches. If you look at some of the biggest hacks in the last 18 months, the compromises can be largely attributed to flaws in a web applications.

Learn about the vulnerabilities that hackers are using to attack your applications, so that you can defend against them, using the recommendations and techniques obtained during the course.

This two day course has enough theory to ensure you understand what you are trying to achieve, but with a heavy focus on practical exercises. Students should expect lots of hands on hacking with some of the finest hackers in the industry!

Course Topics

The fundamentals – setting the foundation. Testing basics, tools of the trade, HTTP and related technology introduction.

Know your enemy – reconnaissance, enumeration and landscape discovery.

Breaking bad – the application series:

  • Authentication.
  • Session Management.
  • File upload and inclusion.
  • Command injection.
  • SQL Injection.
  • XML and XML Entity Injection.
  • XPath and LDap Injection.
  • Cross-Site Scripting (Reflective, Persistent and DOM based).
  • Cross Site Request Forgery.
  • Attacking WebServices (XML, JSON)
  • Client side technologies such as Flash, Silverlight and ActiveX
  • Cryptography.

Student Requirements

Students need to ensure they have the necessary level of skill. No hacking experience is required for this course, but a solid technical grounding is an absolute must. This includes basic Linux operating system knowledge, a basic understanding of web applications and networking fundamentals.

Who Should Take This Course

This course is ideally suited to those wishing to learn how to develop secure web applications, that are resilient to the attacks that we are seeing in the real world.

Pricing, Location and Availability

This is a two-day course that can be presented at your premises (in-house) or at local training centres. Prices are available on request.