Processing your application. Please be patient while we make sure we receive every piece of it.
Information Security
Certified Security Testing Professional (CSTP) Ethical Hacking II
2 Day(s)
REQUEST
PRIVATE SESSION
COURSE DESCRIPTION
OVER
VIEW
+
OBJEC
TIVES
+
AUD
IENCE
+
PRERE
QUISI
TES
+
OUT
LINE
+
Course OverviewCSTP introduces delegates to the exploitation and security auditing of web applications. It also reinforces and develops techniques from CSTA. Web application vulnerabilities can pose serious problems to an organization’s security. Many do not realize how much control an attacker can gain via a simple flaw in the security of a public- facing web application.What you will learn: • Review of professional penetration testing tools • Further exercises against Windows and UNIX targets • The Metasploit framework • Web application security, including: 1. SQL Injection 2. Cross-site scripting (XSS) 3. Cross-site request forgeries (CSRF) 4. Threats to users AudienceThose responsible for, or with an interest in, the security of IT systems and web applications, including (but not limited to): System/Network Administrators, Crime Prevention & Protection Officers, Auditors, Security Officers, Information Security Professionals& Pen-Testers. PrerequisitesPrior attendance of the CSTA Ethical Hacking: Hands-On training course (or equivalent) is strongly recommended. A basic understanding of HTTP & HTML is needed. Web application vulnerabilities can pose serious problems to an organization’s security. Many do not realize how much control an attacker can gain via a simple flaw in the security of a public-facing web application. The CSTP commands industry recognition and forms part of 7Safe’s ground-breaking Masters-level education program.
Price: $2,295
To find out more available information
about this course, please contact us:

416-929-1599
info@acend.com
To find out more available information
about this course, please contact us:

416-929-1599
info@acend.com
To find out more available information
about this course, please contact us:

416-929-1599
info@acend.com

Certified Security TestingProfessional (CSTP) Ethical Hacking II

Topics

InfrastructurePenetration Testing

· Use of the Nikto web server scanner & Nessus

· Remote registry hacking & silent RAT installation

· Understand the Metasploit Framework, including the powerfulMeterpreter payload

Hacking WebApplications

· Find & assess weaknesses in PHP & ASP.NET webapplications

· Learn how you can use SQL injection to bypass authentication& reveal confidential information

· Gain SYSTEM level access to a web server hosting a poorly securedweb application

· Learn what web application vulnerability scanners can and canft do to map out weaknessesin web

· Applications Practical injection techniques used to glean,manipulate & corrupt data

· Test and exploit web applications using HTTP request &response modification

· Launch attacks using an HTTP proxy

· Further attacks using extended stored procedures

Client-SideAttacks

· Discover the potential severity of the often underestimated XSSvulnerability

· Understand cross-site request forgeries

· Common browser & e-mail client hacking techniques used totarget Internet users

· Attack a Windows XP Workstation

· Enhance attacks through e-mail spoofing

· Use XSS with session cookie theft to compromise a userfs online identity and stealconfidential information

· Launch a web application dictionary attack

· Use Metasploitfsautopwn to automatically attack a user fsbrowser


Materials Covered:

  • Review of professional penetration testing tools
  • Further exercises against Windows and UNIX targets
  • The Metasploit framework
  • Web application security, including:
    1. SQL Injection
    2. Cross-site scripting (XSS)
    3. Cross-site request forgeries (CSRF)
  • Threats to users

SITE MAP