WEBAPP SECURITY / RT422

FIVE   |   EIGHT   |   85%   |   40

           SCENARIOS                   LABS                       HANDS-ON           DURATION

The Web Application security course will help participants understand major web application flaws and their exploitation, as well as learn a proven process for locating these flaws consistently. This training program's primary goal is to help security specialists understand web application risks in their organization and learn how to conduct web app security assessments, mitigate the vulnerabilities, and write technical reports.

LAB 01

HTML and PHP

LAB 02

Injecting Data

LAB 03

Using Scanners

LAB 04

SSL Vulnerabilites

LAB 05

Hijacking Sessions

LAB 06

File Handling

LAB 07

BurpSuit Advanced

LAB 08

SQL Injections

Scenario: WSA001

A group of Iranian hackers hacked the US Government websites; this action was referenced to the death of Qassem Soleimani. As a preventive action, you have been assigned to initiate a full security assessment of the website to make sure it won’t happen again.

Annotation 2020-05-21 224555.jpg

Scenario: WSA002

A significant security vulnerability was discovered in the popular social media app TikTok. An XSS vulnerability gives access to the attacker to manipulate with data. You have been recruited to end the content leak and protect the exposed sensitive data.

Annotation 2020-05-21 224659.jpg

Scenario: WSA003

Webkinz, a children’s game, suffered a cyberattack that caused significant leakage of 23 million user’s credentials. Due to primal investigation, the hacker gained access to the company’s’ database through an SQL Injection attack at one of the website’s forms. Your mission is to detect the vulnerability and mitigate it.

photo_2020-04-19_02-55-53.jpg

Scenario: WSA004

Bam Construct has suffered a cyberattack that leads to server shut down. The hacker gained access to parts to the company’s IT system. Your mission is to test the company website for any security issues.

unnamed.jpg

Scenario: WSA005

Pitney Bowes, a Connecticut based company, was a target for a ransomware attack. The company confirmed the attack was on its website and currently working to restore the affected systems. You have been hired to test possible mitigation solutions to minimize the risk of another attack.

photo_2018-11-28_16-39-50.jpg

© 2020 by ThinkCyber

THE 2020

CYBERIUM