Web Application SecurityTa

ble

of

Co

nte

nt

1Introduction to Cyber Security

What is Cyber Security?

Need of Cyber Security

Common Terminologies

Career and GrowthHacking as a Career

Domains of Cyber Security

Job Oppo�unities

Threats to the Cyber WorldNon-IT Threats

IT Threats

Hacking PhasesReconnaissence

Scanning

Gaining Access

Maintaining Access

Clearing Tracks

Search Engines

2Hrs

2Introduction

Need of Footprinting

Footprinting3Hrs

Targets of FootprintingIT Infrastructure

Organizational Infrastructure

Footprinting TechniquesFootprinting using search engine

Footprinting using Google

Footprinting using Shodan

Footprinting Using WHOIS

Footprinting Using DNS Queries

Footprinting through Social Engineering

Footprinting through command-line utilities

Footprinting using Tools

Footprinting using Source Code Examination

Footprinting individuals

Google.com

shodan.io

whois.com

3Network Scanning

Introduction

Types of scanning

Objectives of scanning techniquesScanning for Live Single Systems

Scanning for Live Multiple Systems

Scanning for Open Po�s

ping

Zenmap/Nmap

TCP Connect / Open Scan,Half Open Scan,

Strobe Scan ,FIN | Null | Xmas Tree Scan,

FTP Bounce Scan ,UDP Scan

Po� Scanning TechniquesZenmap/Nmap

Zenmap/Nmap

Zenmap/Nmap

6Hrs

Hping, NetScan Tool,

Strobe (Super optimised TCP po� surveyor)

Scanning for System Information

Po� Scanner Tools

Vulnerability Scanner Tools

Vulnerability Scanning Nessus, OpenVas

Tools for mapping Network Architecture

Determining Network Architecture, Nessus

LanState Pro, Network Mapper

Conclusion

4Web Application Hacking

Basics of Web ApplicationArchitecture of Web Applications

Need and use of Web Applications

Pasive Information GatheringGoogle Hacking

Whois Lookup

DNS Interrogation

Maltego, webapplyzer

GHDB

netcra�, whois.net

mxtoolbox, dns queries, virustotal

Active Information Gathering1.Po� Scanning

2.Service Scanning

3.OS Fingerprinting

4.Enumerating Web Application framework

5.Web App. Content Discovery Burpsuite, HTTrack, BlackWidow

Check Authentication MechanismUsername

Passwords

Session

Vulnerabilities in Authorization MechanismDirectory Traversal (horizontal and ve�ical directory)

Bypassing Authorisation Schema

Privilege Escalation

Insecure Direct Object reference

Injection A�acksWeb Script Injection

SMTP Injection

SQL Injection

LDAP Injection

XPath Injection

Command Injection A�ack

Web Application Vulnerabilities and its DefencesInsu�cient Transpo� LayerProtection

Security Miscon�guration

Insecure Cyptographic Storage

Bu�er Ove�low

Cross Site Request Forgery a�ack

(CSRF)

Cross Site Scripting (XSS)

Redirection A�ack

Burpsuite,

OWASP ZAP

10Hrs

Improper Error Handling

Information Leakage

Failure to Restrict URL Access

Security Management Exploits

Malicious File Execution

Captcha A�acks

Authentication Hijacking

Network Access A�acks

Cookie Snooping

Web Application Security ScannerCommercial Tools

So�ware-as-a-Service Providers

Free / Open Source Tools

List of Tools

Acunetix, Nessus, BurpSuite, OWASP ZAP

5Injection

SQL InjectionTypes of SQL injection

SQL Injection tools

HTTP GET and POST request protocols

Basic queries of SQL injection

Sqlmap, Sqlninja

Code InjectionTypes of Code Injection

Vulnerability of Code Injection

Prevention of Code Injection

Sqlmap, Sqlninja

File Inclusion VulnerabilityTypes of File Inclusion

Command InjectionHow to pe�orm command injection?

How to prevent SQL Injection

10Hrs

Tool

s,OS

&

Fram

ewor

ks

We

Use