Post on 27-Jun-2020
Enterprise Solution Professionals on Information and Network
Enterprise IT Solutions (Hardware, Software, Services)
Shared Service and Outsourcing
Technology Products Distribution and Trading
E-SPIN COMPANY PROFILE
E-SPIN COMPANY PROFILE
who we are
what we do
E-SPIN stand for Enterprise Solution Professionals on Information and Network.
anadreP ,B3/8 UJP nalaJ ,2-12 ta detacol retrauqdaeH .5002 ni dehsilbatse ynapmoc dleh yletavirp si DHB NDS NIPS-E
Business Centre, Damansara Perdana, 47820 Petaling Jaya, Selangor, Malaysia.
Vision: to be leading enterprise solution provider in deliver enabling solution for customer to remain competitveness in
their respective marketplace.
E-SPIN is a leading enterprise IT solutions and outsourcing service provider with a unique approach to enterprise solution
offers a comprehensive best of the breed solutions from respective technology partners, combined with experienced in house
solutions consulting, network and system integration, web development and application integration, product training, skill
certification, project management, maintenance support, and managed outsourcing services to deliver end-to-end value
adding solutions for corporate, enterprise, government and reseller business customers.
Mission: To deliver end-to-end value-adding solutions in Share Service and Outsourcing (SSO); Information
Communication Technologies (ICT) Solutions in combination of hardware, software and services; Web
Design and Portal Development, Application Development and Integration.
Consulting based on client current situation and requirement.
Solutions development and plan presentment
Project hardware, software and service sourcing and procurement.
Project management and implementation serviive
System requirement analysis and design.
Prototype and mockup development.
Acceptance test, quality assurance, penetration test.
Training, certification and skill transfer.
Project hardware, software and service maintenance support.
Managed outsourcing.Solution Buying Facilitation, Consultancy
Network and System Integration, Distribution
Web Development and Application Integration
Managed Service and Outsourcing
E-SPIN SDN BHD ALL RIGHT RESERVEDc
Since 2005, E-SPIN has successfully works with organizations throughout Malaysia, then regionally and now globally in every industry, in the public and private sectors, and of every size, from start up to the listed corporation. Our customers include banks and other financial services firms; manufacturers; trading and service providers; media, entertainment and broadcasters; telecommunications and data center providers; transportation and logistics companies; oil, gas, chemical and utilities companies; pharmaceutical, medicine, health care and hospitals; educational institutions; technology value added resellers (VARs), system integrators (SIs), independent software vendors (ISVs) and IT outsourcing (ITO) providers; public sector agencies from federal to state government to military agencies on various E-SPIN solutions and service portfolios.
Below is a sampling of our clients and customers from different industry and sector.
who we serve
E-SPIN SDN BHD ALL RIGHT RESERVEDc E-SPIN SDN BHD ALL RIGHT RESERVEDc
BUSINESS APPLICATION AND TECHNOLOGY TRANSFORMATION
AVAILABILITY , STORAGE AND BUSINESS CONTINUITY
SECURITY, RISK AND COMPIANCE MANAGEMENT
END-TO-END VALUE ADDING SOLUTIONS AND OUTSOURCING
Business Domain
E-SPIN SDN BHD ALL RIGHT RESERVEDc E-SPIN SDN BHD ALL RIGHT RESERVEDc
�������������� ���������������������������������� �������������������������������������
Web Application Security Scanner
• Is your website hackable?
• 70% of the websites are at serious risk of being hacked
• Web applications attack accounts for up to 70% of all
cyber attacks
Website security is possibly the most overlooked aspect of securing the enterprise and should be a priority in any organization. Hackers are concentrating their efforts on web applications such as shopping carts, login pages, forms, dynamic contents and etc.
Web applications are accessible 24 hours a day, 7 days a week and control valuable data since they often have direct access to the backend database such as customer database, credit card details and etc.
Firewalls, SSL and locked-down servers are futile against web application hacking
Any defense at network security level will provide no protection against web application attacks since they are launched on port 80 - which has to remain open. In addition, web applications are often tailor-made therefore tested less than off-the-shelf software and are more likely to have undiscovered vulnerabilities.
How Does Hacking Work?
Acunetix Web Vulnerability Scanner
To safeguard your enterprise’s web applications from hackers,
E-Spin represented Acunetix Web Vulnerability Scanner is the solution you needed!
E-Spin represented Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive web site and web application penetration testing.
In short, this powerful tool allows you to scan and automatically checks your web applications for SQL Injection, Cross Site Scripting (XSS) & other web vulnerabilities.
Acunetix History
Acunetix has pioneered the web application security scanning technology: Its engineers have focused on web security as early as 1997 and developed an engineering lead in web site analysis and vulnerability detection.
How Acunetix Works?
Acunetix WVS has the ability to scan for vulnerability in web applications, provide fixing recommendations and reporting tool to ensure web applications are less hackable or exploitable from hackers. The software will perform typical work of a hacker by trying to scan and execute various hacking methods(non-destructive methods) to exploit the web applications. As a result, it will list down all the success attempts and in what scenario in order to enable developers to record which applications are exploitable and facilitate them to close the application vulnerability.
All in all, Acunetix WVS is a software that provides automatic or manual way to search for software vulnerability within web applications and reports it as well as recommend ways to fix the problem.
Acunetix WVS Key Features
1. AcuSensor Technology
-New technology that allows you to identify more vulnerabilities than a traditional black box scanner whilst generating less false positives.
-Faster locating and fixing of vulnerabilities, whilst providing more information about each vulnerability. For instance, source code line number, stack trace and affected SQL query.
-Check for web application configuration. Example misconfiguration of web.config or php.ini
2. In depth checking for SQL Injection, XSS and Other Vulnerabilities
-Known Static Methods : -Unknown Dynamic Methods:
-Specific Web Applications known exploits -SQL Injection
-Directory enumeration -Cross Site Scripting (XSS)
-Known web server exploits -Directory and Link Traversal
-Known web technology exploits (e.g php) -File Inclusion
-Known network service exploits (e.g DNS, FTP) -Source Code Disclosure
3. Port Scanner and Network Alerts
-Scan web server for open port
-Also run network alert checks against network services running on open ports such as DNS cache poisoning, SNMP weak community strings, weak SSH ciphers, etc.
4. Detailed Reports
-able to generate different official and technical report (can customize report)to meet different users requirement: from executive summary, vulnerability report, compliance (HIPPA, PCI, OWASP, SOX, WASC) pre and post comparison report, statistical reports, etc.
5. Advanced Penetration Tools
-Allow penetration testers to tune web application security checks
HTTP Editor:- construct HTTP/HTTPS requests and analyze the web server response
HTTP Sniffer:- intercept, log and modify all HTTP/HTTPS traffic and reveal all data sent by web application
HTTP Fuzzer:- perform sophisticated testing for buffer overflows and input validation
Blind SQL Injector:- automated database data extraction tool that is perfect for making manual test that allows further testing for SQL Injections.
6. Scan Ajax and Web 2.0 Technologies
- The Client Script Analyzer (CSA) engine allows comprehensive scan of the latest and most complex Ajax/Web 2.0 for vulnerabilities
7. Test Password Protected Areas and Web Forms
-With automatic HTML form filler, it enables to fill in web forms and authenticate against web logins. The form filling process is stored and the sequence will be used when scanning.
8. Analyze Website against the Google Hacking Database
-Google Hacking Database (GHDB) is a database queries used by hackers to identify sensitive data on your website such as portal logon pages.
-Acunetix launches GHDB onto your website and identify loopholes before the hackers do
Benefits to Organization
• IT Security Greatly Enhanced.
-Acunetix’s unmatched automated and flexible manual scan capabilities provide comprehensive or selective area scan
-Able to have truly secure web application in place which has been tested against various hacking attack to avoid unnecessary exploitation that will jeopardize the organization’s image
• Time Saving
- By using automated scanning, it off loads the ongoing routine scanning tasks (if administrator allowed to do so based on company configuration), hence administrator can focus his time to perform value added service like interpret the report and communicate the report finding.
-In addition, administrator will be flexible enough to conduct a manual specific scan (based on methods) in order to confirm whether the vulnerabilities have been fixed.
• Reports
-With Acunetix capable of generating various reports, IT security staff is empowered to be proactive in managing security measures and ongoing compliance audit and monitoring
-Based on the true and transparent report on all web applications vulnerabilities, IT security staff are able to communicate those findings to respective parties for fixing, reporting and compliance purposes
• Compliance
-Able to meet various legal and regulatory compliance
SYSTEM REQUIREMENTS:
-Windows XP, Vista, 2000, 2003 and 2008 server, Windows 7
-Internet Explorer 6 or higher
-250 MB of hard disk space
-1GB of RAM
Screenshot(s)
In Depth checking for SQL Injection iew of remote desktops
Acusensor Technology: Identifying more vulnerabilities
Screenshot(s)
Port Scanner and Network Alert
Detailed Report
Screenshot(s)
Advanced Penetration Tools
Analyze site against Google Hacking Database
������������
����������������������������������������������������������������������������� �!����� ����"��������#$�%�"&�%��'�����(�����������)����%���*�+'�,-..�+���$-..�+�!��'���������)����/����0/((����!���
%�"�1�
� ����������� !��� � "������������
� �� !�������#���� ��� �����������
� ��#����$���%!��� &'��'��(��)����������
� ��%!���$� ��%!��� ������������������������� �!����� ����"��������
� ��%!���$� ��!���� *���+�
� ��!����$� �!���� ,���������� �����-�����
�������"�.���������
������������������ �����-�����
������������������ �����-�����
/�(����� �������
�� �)��0��(����&������
� �!����$� ����� 2����/�'�%���"�������������!��
• ,���������� �����-�����• 0��)�������� �����-�����• � �������1������������(��2������������
� �����$�#����� 3�� 2�
� #�����$�%� !�� 2����/�'�%���"�������������!��#�������&�
• 4������������������� ��'��������56� ���• ����7�����������)��������
� %� !��$�%�%��� *���+�
� %�%���$�8�8!�� ����������*������"�
• *�� +���-�� ������� �������(��2����� �� ���������7���)����� +�• 0��)�������������������2�� ���������� 2�������
� 8�8!��$�!����� ������������"�'��(��)��2��5���
�
� �
�
%�"�3�
� ������������!��� � "������������
� �� !�������#���� "�'��(��)�������������������� �������
� ��#����$� ��#���� *����)���'������������*����
• ����7������(����������� �����• ����������2�� ��(������� ����• ����7�����2����)��������� ���� ��������2�� ��(����• 0��)���������2��0��(����
� ��#����$� ��%!��� *���+�
� ��%!���$� �%!��� *����)���'�*�����4�����*����
*����)���'��� ���+�����������*����
� �%!���$� ����� *����)���'�5������67���8�����
• ,������������(���������/������.�����• 9-��� �����5����• 6����9-��� ����������• 9-� �����:3�:����������• 0��)���������2��*������:3�,�;� ����
� �����$�#����� 3�� 2�
� #�����$�%� !�� *����)���'�2**�� ������*����
• 0������������7�������� ������/������.�������������'������������• 9���������"�.�����• 6�����������"�.��������������7����"��������
� %� !��$�%�%��� *���+�
� %�%���$�8�8!�� *����)���'�2**�����((��*����
• 9���������2��/�������))���• /�������))�������6�������• 0����������/�������))�������6������• 9����������/����"�.�����(��2����������• 0��)���������2��/�������))���
� %�8!��$�8�8!�� *����)���'�2**��4�99��*����
• 0����������"�������������� ��������������������)�,�����• 4��2������/����"�.�����• 0��������5����4����������• 0��������6�77���6�������
� 8�8!��$�!����� ������������"�'��(��)��2��5���
�
� �
�
%�"�:�
� ������������!��� � "������������
� �� !�������#���� "�'��(��)�������������������� �������
� ��#����$� ��#���� *����)���'��������������*����*����
• ���������2���������2���)����(�����(��2���/�������/��3�)��������2���� ��������'�����������'������� ������������ +�
• ��������/������2���� ������• ��������/��3�6������2���� ������
� ��#����$� ��%!��� *���+�
� ��%!���$� �%!��� *����)���'���+�����������*����
• ����7���2����))���� ������(����#�� ������)�����������))�������������• 0��������"�������• ����7�����2��"�������0���������
� �%!���$� ����� *����)���'����������� ���;����
• ������������������'� ��� ���• �������'� ���9������• /����9������9-����
� �����$�#����� 3�� 2�
� #�����$�%� !�� *����)���'�*��������
• "���������������������0����������• 5�'������"�����• 9-� ���'��"�����• ��������������"�����• � ���0���������"�����• �������� ���"������• 0������ ��"������• 4������������"����<��������� ����0������������������ ����0������ ��• �2��"��������(���• ����5��������
� %� !��$�%�%��� *���+�
� %�%���$�8�8!�� *����)���'���++����7�����������
• /��������� 2�)���������� ������������������������������������'�����+��• �2������0�������� ������• 0�������3�������������������&������
*����)���'��������
• 0����������� 2�������� ���
� 8�8!��$�!����� ������������"�'��(��)��2��5���
�
� �
�
%�"�<�
� ������������!��� � "������������
� �� !�������#���� "�'��(��)�������������������� �������
� ��#����$� ��#���� *����)���'�!����� ����"� ������
• �����-�������������������• ���������������������������• 9��������2����������������5�� �������• �� �)������2����2����������������02� +������ �����• �� �)��������������������
� ��#����$� ��%!��� *���+�
� ��%!���$� �%!��� *����)���'�!����� ����"� ������#�������&�
• ����������9-�������• 5�)�������2��"�.��������������������2�������• ����7�����2��"�����������5�)������������������• ����������������������,����
� �%!���$� ����� *��� ����������
• 0�������+�:�������������"�����������
� �����$�#����� 3�� 2�
� #�����$�%� !�� � �������������������"�(��+���(�����%;������������;�
• ��)�(����5�'�������<�'�����2���� �� ������������������� �������� �����������+���
� %� !��$�%�%��� *���+�
� %�%���$�8�8!�� � �������������������"�(��+���(�����%;������������;�#�������&�
• ��)�(����5�'�������<�'�����2���� �� ������������������� �������� �����������+����
� 8�8!��$�!����� ������������"�'��(��)��2��5���
�
� �
�
%�"�$�
� ������������!��� � "������������
� �� !�������#���� "�'��(��)�������������������� �������
� ��#����$� ��#���� � �������������������"�(��+�������"�������������������;�
• /������ �'��(��)��2���� ��������)������ ������)�����������7������• ������������������� ����������=��(��+��� ���������������� ������• *�� +���-���������• /������� ������ �������• ���� ��0������������
� ��#����$� ��%!��� *���+�
� ��%!���$� �%!��� � �������������������"�(��+�������"�������������������;�#�������&�
• �������,����������������������������������• ,� ����������������������)��������)����'��������� 2�� ��������������������'�������
2������ �)����(��+�)�������������>�� ������'����������)�����������������?�������)� ��������)����������������������� ��������������������7�������)�� ������
� �%!���$� ����� � �������������������"�(��+�������"�������������������;�#�������&�
• +��(����������(��2�2���������-����� ���������������• ���������������������)��2����������������)�����'������@����'����'�������������������������• �� 2�� ����-�����������2������������)������������������• � ����� 2�� ���������������2������������������������������������������������� ����������2���
��))��������� ��'������(��2����2��)����(��+�• ���������������������)��2��������7����������������������������� �����.����������
����������2����(��+�
� �����$�#����� 3�� 2�
� #�����$�%� !�� 2����/�'������������������� ����0�� ������������� "�����"����=�������������
0��)����������� �������(�������@�(������ ������
����7�����2����������(��2���'�� �����������������
� %� !��$�%�%��� *���+�
� %�%���$�8�8!�� 2����/�'������������������� ����0�� ������������� "�����"����=�������������#�������&�
• "���������2��������������2��)��������.������• ,������������2������������'����������������������• 5���'����� �������� �������������
� 8�8!��$�!����� ������������"�'��(��)��2��5���
��
%������������=�����������������(������������"���� ���� �������������������+�"� ��������������������������������>���+��-� ���������� ������������� ��������+�������+�"����+�"����� � �������;������� �(�� ��������((������ >���������������;���������(������((�-�
4��� +���� ����� �������� ������ �%�-� 52%-� ��� #?.:&� @@3A� 3A??�� +���� ��(�B���������-��+� �� ��� ���(� ���� � ���� ���-���������-��+�(���+�����(��+�����-��
Enterprise Solution Professionals on Information and Network
E-SPIN COMPANY PROFILEWeb App Penetration Testing and Ethical Hacking (6MD Course)
E- Business & Web Solutions
IT Solutions (Hardware, Software, Services)
Business Process & Technology Outsourcing
E-SPIN SDN BHD ALL RIGHT RESERVEDc
Web App Penetration Testing and Ethical Hacking
Assess Your Web Apps in Depth
Web applications are a major point of vulnerability in
organizations today. Web app holes have resulted in the theft
of millions of credit cards, major financial and reputational
damage for hundreds of enterprises, and even the compromise
of thousands of browsing machines that visited Web sites
altered by attackers.
In this intermediate to advanced level class, you’ll learn the
art of exploiting Web applications so you can find flaws in
your enterprise’s Web apps before the bad guys do. Through
detailed, hands-on exercises and training from a seasoned
professional, you will be taught the four-step process for Web
application penetration testing.
You will inject SQL into back-end databases, learning how
attackers exhilarate sensitive data. You will utilize Cross-
Site Scripting attacks to dominate a target infrastructure in
our unique hands-on laboratory environment. And you will
explore various other Web app vulnerabilities in depth with
tried-and-true techniques for finding them using a structured
testing regimen. You will learn the tools and methods of the
attacker, so that you can be a powerful defender.
On day one, we will study the attacker’s view of the Web as well
as learn an attack methodology and how the pen-tester uses
JavaScript within the test. On day two, we will study the art of
reconnaissance, specifically targeted to Web applications.
We will also examine the mapping phase as we interact with a
real application to determine its internal structure. During day
three we will continue our test by starting the discovery phase
using the information we gathered on day two.
We will focus on application/server-side discovery. On day four
we will continue discovery, focusing on client-side portions of
the application, such as Flash objects and Java applets. On day
five, we will move into the final stage of exploitation. Students
will use advanced exploitation methods to gain further access
within the application. Day six will be a Capture the Flag
event where the students will be able to use the methodology
and techniques explored during class to find and exploit the
vulnerabilities within an intranet site.
Throughout the class, you will learn the context behind the
attacks so that you intuitively understand the real-life applications
of our exploitation. In the end, you will be able to assess your
own organization’s Web applications to find some of the most
common and damaging Web application vulnerabilities today.
By knowing your enemy, you can defeat your enemy. General
security practitioners, as well as Web site designers, architects,
and developers, will benefit from learning the practical art of
Web application penetration testing in this class.
E-SPIN SDN BHD ALL RIGHT RESERVEDc E-SPIN SDN BHD ALL RIGHT RESERVEDc
Web App Penetration Testing and Ethical Hacking
Understanding the attacker’s perspective is key to successful Web
application penetration testing. We will begin by thoroughly
examining Web technology, including protocols, languages,
clients, and server architectures, from the attacker’s perspective.
In this portion of the class we will also examine different
authentication systems, including Basic, Digest, Forms, and
Windows Integrated authentication, and discuss how servers
use them and how attackers abuse them.
Following this, we will discuss the four steps that make up
our process for conducting Web application penetration tests:
reconnaissance, mapping, discovery and exploitation. During
the next few days, we will delve into each of these steps more
deeply.
On the second day we will start the actual penetration testing
process, beginning with the reconnaissance and mapping phases.
Reconnaissance includes gathering publicly available information
regarding the target application and organization, identifying
the machines which support our target application, and building
a profile of each server, including operating system, specific
software, and configuration. Our discussion will be augmented by
practical, hands-on exercises in which we conduct reconnaissance
against an in-class target.
In the mapping phase, we will build a map or diagram of the
application. In order to do this, we identify the components,
analyze the relationship between them, and determine how the
pieces work together. We will specifically consider how the session
management system works within an application. This will help
us identify potential vulnerabilities during the next sections.
In this section, we will continue to explore our methodology with
the discovery phase. We will build upon the information started
yesterday, exploring methods to find and verify vulnerabilities
within the application. The students will also begin to explore
the interactions between the various vulnerabilities.
After we cover vulnerabilities, we will explore the different user
interfaces that Web apps expose to clients. This will include an
exploration of various automated and manual tools, such as w3af,
Burp Suite, and the SamuraiWTF pen-testing environment.
Throughout the discovery phase, we will explore both manual
and automated methods of discovering vulnerabilities within
applications and discuss the circumstances under which each
is appropriate.
Overview of the Web from a penetration tester’s
perspective
Exploring the various servers and clients
Discussion of the various Web architectures
Discover how session state works
Discussion of the different types of vulnerabilities
Define a Web application test scope and process
Define types of penetration testing
Discover the infrastructure within the application
Identify the machines and operating systems
SSL configurations and weaknesses
Explore virtual hosting and its impact on testing
Learn methods to identify load balancers
Software configuration discovery
Explore external information sources
Google hacking
Learn tools to spider a Web site
Scripting to automate Web requests and spidering
Application flow charting
Relationship analysis within an application
JavaScript for the attacker
Learn methods to discover various vulnerabilities
Information leakage
Username harvesting
Command injection
SQL injection
Blind SQL injection
Cross-Site Scripting (XSS)
Cross-Site Request Forgery
Session issues
Topics Covered
Topics Covered
Topics Covered
For the first day, we will review the fundamental principles of each
phase and discuss how we will use them together as a cyclical attack
process. Next, we will cover the types of penetration testing and
what pieces need to be part of the report. As the final part of
the day, we will explore and learn JavaScript from an attacker’s
perspective.
Day 1 The Attacker’s View of the Web
Day 2 Reconnaissance and Mapping
Day 3 Server-Side Discovery
E-SPIN SDN BHD ALL RIGHT RESERVEDc
Web App Penetration Testing and Ethical Hacking
On day four students will start exploring client side portions of
the Web site. We will cover methods to discover vulnerabilities
within client-side code, such as Java applets and Flash objects. We
will learn how to use tools to decompile the objects and applets
to find vulnerabilities. Tools such as Flare and JAD will be used
during hands-on exercises. This will include a detailed discussion of
Web Services and AJAX in which we will explore how AJAX and
Web service technology enlarge the attack surface that penetration
testers leverage. We will also explore the how AJAX and Web
services are affected by the vulnerabilities already explored.
Students will also be able to understand the ways that these
client-side components can be used to attack other portions of
the network and Web application. Students will also be using
various tools and methods to discover ways to interact with Web
applications bypassing these client-side controls.
Students will also work through sections on both Python and
PHP. These sections focus on the use of these languages during a
penetration test and from the view of an attacker.
On the fifth day we will launch actual exploits against real-world
applications. In this component, we will build upon the previous three
steps, expanding our foothold within the application and extending
that to the network on which it resides. As penetration testers,
we will specifically focus on ways that we can leverage previously
discovered vulnerabilities to gain further access, highlighting the
cyclical nature of our four-step attack methodology.
During our exploitation, we will use tools such as the Burp Suite
and Paros Proxy to assist us in crafting exploits against real-world
applications like Wordpress and AWStats. We will launch an SQL
injection attack against Wordpress, intercepting real transactions
and modifying them. We will use Cross-Site Scripting attacks
against phpMyAdmin and phpBB to steal cookies and sessions
from other users. We are also going to explore the use of attack
frameworks, such as AttackAPI and BeEF. We will discuss how
the frameworks can assist us in our testing process, gaining access
to browser history, port scanning internal networks, and searching
for other vulnerable Web applications through zombie browsers.
Learn methods to discover various vulnerabilities
Information leakage & Username harvesting
Command injection
SQL injection & Blind SQL injection
Cross-Site Scripting (XSS) & Cross-Site Request
Forgery
Learn methods to decompile client-side code
Flash & Java
Explore malicious applets and objects
Discovery vulnerabilities in Web application through
their client components
Understand methods for attacking Web services
Understand methods for testing Web 2.0 and AJAX
based sites
Learn how AJAX and Web services change penetration
tests
Learn the attacker’s perspective on Python and PHP
The use of these languages during our attack
The ability to expand the tools we are using
Explore methods to zombify browsers
Discuss using zombies to port scan or attack internal networks
Explore attack frameworks
AttackAPI
XSS-Proxy & BeEF
Walk through an entire attack scenario
Exploit the various vulnerabilities discovered
Leverage the attacks to gain access to the system
Learn how to pivot our attacks through a Web application
Understand methods of interacting with a server through
SQL injection
Exploit applications to steal cookies
Execute commands through Web application vulnerabilities
Topics Covered
Topics Covered
Day 4 Client-Side Discovery
Day 5 Exploitation
Day 6 Capture the Flag
We will also explore multiple exploit attacks. This is where the
student will build complex attack series to gain much greater access
within the Web applications. By fully uncovering vulnerabilities
within applications using the same resources as attackers, we can
provide organizations with the best assessment possible.
During day six of the class students will be placed on a network and
given the opportunity to complete an entire penetration test. The
goal of this capture the flag event is for the students to explore the
techniques, tools, and methodology they have learned over the last
five days. They will be able to use these ideas and methods against
a realistic intranet application. At the end of the day, they will
provide a verbal report of the findings and methodology they
followed to complete the test. Students will be provided with a
virtual machine that contains the SamuraiWTF Web penetration
testing environment. They will be able to use this both in the class
and after leaving and returning to their normal jobs.