Aperçu du cours
Objectif de formation : Cette formation englobe analyse et compréhension des différents éléments axés applications web pour une exploration du domaine des vulnérabilité et attaques orientées WEB
Programme d'études
-
Web Application Assessment Concepts
-
Penetration Testing
-
Application Penetration Testing
-
Risk Assessment and Management
-
OWASP Testing Guide
-
Web Application Security Consortium Threat Classification
-
Penetration Testing Execution Standard
-
Pre-Engagement Interactions
-
Intelligence Gathering
-
Threat Modelling
-
Vulnerability Analysis
-
Exploitation
-
Post Exploitation
-
Reporting
-
OWASP Zed Attack Proxy (ZAP)
-
BurpSuite
-
Browser Exploitation Framework (BeEF)
-
Other Tools
-
-
Web Application Reconnaissance
-
Reconnaissance – WHOIS
-
Reconnaissance – Domain Name System (DNS)
-
Reconnaissance – Virtual Host (vHost) Discovery
-
Open-Source Intelligence (OSINT) – Definitions
-
Open-Source Intelligence (OSINT) – Frameworks & Tools
-
Protocols – Hypertext Transfer Protocol (HTTP)
-
Protocols – Hypertext Transfer Protocol (HTTP) – Cookies
-
Protocols – Hypertext Transfer Protocol (HTTP) – Headers
-
Protocols – Hypertext Transfer Protocol (HTTP) – Request Methods
-
Protocols – Hypertext Transfer Protocol (HTTP) – Status Codes
-
Protocols – Hypertext Transfer Protocol (HTTP) – 1.0, 1.1, 2.0 & 3.0
-
Protocols – Hypertext Transfer Protocol (HTTP) – Cross-Origin Resource Sharing (CORS)
-
Protocols – Hypertext Transfer Protocol (HTTP) – Content Security Policy
-
Protocols – Secure Sockets Layer (SSL)
-
Protocols – Secure Sockets Layer (SSL) – Configuration
-
Protocols – Secure Sockets Layer (SSL) – Weaknesses
-
Interception Proxies – Definitions & Types
-
Interception Proxies – Fiddler
-
Interception Proxies – BurpSuite Proxy
-
Interception Proxies – OWASP Zed Attack Proxy (ZAP) Proxy
-
SSL Proxying – Definition
-
SSL Proxying – Through BurpSuite Pro
-
SSL Proxying – Through OWASP Zed Attack Proxy (ZAP)
-
-
Content Discovery, Authentication and Session Testing
-
Content Discovery – Logging and Monitoring
-
Content Discovery – Website Spidering
-
Content Discovery – Content Analysis
-
Authentication – Web Authentication Mechanisms – Cookie-Based Authentication
-
Authentication – Web Authentication Mechanisms – Token-Based Authentication
-
Authentication – Web Authentication Mechanisms – Third Party Access (OAuth, API Token)
-
Authentication – Web Authentication Mechanisms – OpenID
-
Authentication – Web Authentication Mechanisms – SAML
-
Authentication – Username Harvesting
-
Authentication – Password Guessing
-
Authentication – Authentication and Authorisation Bypass
-
Session Testing – Brute Forcing Unlinked Files
-
Session Testing – Brute Forcing Directories
-
Session Testing – Burp Sequencer
-
Tools – Fuzzing with ZAP
-
Tools – Fuzzing with ffuf
-
Tools – Fuzzing with Burp Intruder
-
Sessions – Session Management
-
Sessions – Session Attacks
-
Training Platforms – Mutillidae
-
-
Injection, Inclusion, and XML External Entity (XXE)
-
Traversal Attacks – Directory Traversal
-
File Inclusion Attacks – Local File Inclusion (LFI)
-
File Inclusion Attacks – Remote File Inclusion (RFI)
-
SQL Attacks – SQL Injection
-
SQL Attacks – Blind SQL Injection
-
SQL Attacks – Error-Based SQL Injection
-
SQL Attacks – Exploiting SQL injection
-
SQL Attacks – Tools – sqlmap
-
Injection Attacks – Command Injection
-
Injection Attacks – Insecure Deserialisation
-
Injection Attacks – XML External Entity (XXE)
-
-
XML External Entity (XXE) Deep Dive
-
Client-Side Attacks – Cross-Site Scripting (XSS)
-
Tools – Browser Exploitation Framework (BeEF)
-
Techniques – Asynchronous JavaScript and XML (AJAX)
-
Languages – Extensible Markup Language (XML)
-
Languages – JavaScript Object Notation (JSON)
-
Models – Document Object Model (DOM)
-
Attacks – Application Programming Interface (API)
-
Attacks – Application Programming Interface (API) – Authentication Hijacking
-
Attacks – Application Programming Interface (API) – Data Exposure
-
Attacks – Application Programming Interface (API) – Parameter Tampering
-
Attacks – Application Programming Interface (API) – Unencrypted Communications
-
Principles – Representational State Transfer (REST)
-
Protocols – Simple Object Access Protocol (SOAP)
-
-
Request Forgery, Logic Flaws and Advanced Tools
-
Web Attacks – Cross-Site Request Forgery (CSRF)
-
Web Attacks – Server-Side Request Forgery (SSRF)
-
Web Attacks – Application Logic Attacks
-
Programming – Python for Web Application Penetration Testing
-
Tools – WPScan
-
Tools – ExploitDB
-
Tools – BurpSuite Pro Scanner
-
Tools – Metasploit
-
Business of Penetration Testing – Preparation
-
Business of Penetration Testing – Post Assessment and Reporting
-
Instructeur
