
Description

This advanced training course will help you build the skills to protect yourself against the many threats on the Web and to respond to them more effectively. You will see how to audit the security of your applications, test them, and implement the most appropriate countermeasures.

Who is this training for?

For whom?

Network and system administrators, Webmasters.

Prerequisites

Training objectives

Training program

    • Cross-Site Scripting (XSS) attack.
    • Command injection and SQL injection.
    • Denial of Service (DoS) attacks.
    • Distributed Denial of Service (DDoS).
    • Buffer overflow.
    • The OWASP project (Open Web Application Security Project).
    • Practical work: Setting up a Web server with vulnerabilities to observe its behavior.
    • Demonstration of the exploitation of a buffer overflow.
    • Basic concept and importance.
    • The accounts created to carry out the tests.
    • Fictitious folders: can we do without them? Are the test and development sequences still present in production?
    • Approach and set up an audit.
    • Properly manage interaction with the database.
    • Set up secure authentication.
    • Exploitation of an authentication flaw.
    • Management of errors, exceptions and logs.
    • Know how to analyze and correlate log information.
    • Good practices for having secure forms.
    • Example of using a poorly developed form.
    • Practical work: Implementation of a three-tier infrastructure: client, Web server and databases.
    • Simulation of an attempted attack.
    • Analysis and solution.
    • Reminders of the basic principles.
    • Implement encryption in an application.
    • Possible exploitations.
    • Test if an application is well protected by encryption.
    • Encryption applications on the market.
    • Practical work: Implementation of a private certification authority with integration of certificates into an application.
    • How to test before putting into production.
    • Fingerprinting: identifying the characteristics of the server (web engine, framework, applications).
    • Using a web spider to detect broken links, pages with or without authentication and encryption.
    • How to measure the availability of an application with a simulation.
    • Practical work: Example attack attempts and fingerprinting.
    • How to write a web spider to detect broken links.
    • Check authentication on pages.
  • 906
  • 21 h
