Check Point

Doing what's right for the customer

Nexum Check Point

There is no upcoming training scheduled right now. Please check back soon.

This is an entry level web application security testing course and is a pre-requisite for the Advanced Web Hacking course. Tools and techniques will be taught in the 2-day course. If you would like to step into the world of ethical hacking / penetration testing with a focus on web applications, then this is the class for you.

Prerequisites

This is an entry level web application security testing course and is a pre-requisite for the Advanced Web Hacking course. Who should take this class?
  • System administrators
  • Web developers
  • SOC analysts
  • Penetration testers
  • Network engineers
  • Security enthusiasts
  • Anyone who wants to take their skills to the next level

Objectives

This curriculum introduces you to Web Application Hacking.
  • Practical focus
  • Learn how web application security flaws are found
  • Discover leading industry standards and approaches
  • Use this foundation to enhance your knowledge
  • Prepare for more advanced web application topics

Agenda

Day 1: Information gathering, profiling and cross-site scripting
  • Understand HTTP protocol
  • Identify the attack surface
  • Username enumeration
  • Information disclosure
  • Issues with SSL / TLS
  • Cross-site scripting
Day 2: Injection, flaws, files and hacks
  • SQL injection
  • XXE attacks
  • OS code injection
  • Local / remote file include?
  • Cryptographic weakness
  • Business logic flaws
  • Insecure file uploads