WEB APPLICATION HACKING & SECURITY - Iclass.eccouncil

WEB APPLICATION HACKING & SECURITY
ICLASS.ECCOUNCIL.ORG
From the team that brought you Certified Ethical Hacker

THE COMPLETE HANDS-ON GUIDE TO WEB APPLICATION HACKING AND SECURITY

Understand, Exploit, And Defend Yourself Against Topmost Web Vulnerabilities With A Comprehensive Hands-On, Lab-Based, Guided, Mastery Course Designed By The Team That Brought You C|EH

Table of Contents

Test your skills and learn to hack applications with Web Application Hacking and Security. Whether you are a beginner or an experienced ethical hacker, the Web Application Hacking and Security course offers something for all skill levels. You will hack through a variety of challenges from SQL Injection, to Security Misconfigurations, to Cross-Site-Scripting, and more.

What is Web Application Security? Why is it Important?
Course Description: Decoding The Course
What Will You Learn?
Break The Code Challenge
Who Should Attend?
Exam and Certification

Why Mastery of Web Application Security is Important

43,986 Exploits in the Google Hacking Database
18,000 CVE Published in 2020

Most of the work we do on a day-to-day basis uses cloud-based apps that are vulnerable to cyber-attacks.

There are currently 43,986 exploits (and growing) in the Google Hacking Database [1] and the total number of Common Vulnerabilities and Exposures (CVE) is at a record high with over 18,000 published in 2020 alone!

Now, with so many published vulnerabilities, it is important to learn to defend and secure your web applications. Traditional protections like firewalls alone do not secure web applications. Defenders need a deep understanding of the most critical security risks to web applications such as the OWASP Top 10. And what better way to learn to gain familiarity and defend than to

[1] -database

Course Description: Decoding Web Application Hacking and Security

Course Duration: 60 Hours

Web Application Hacking and Security has challenges derived from the iLab environments of EC Council – from Certified Ethical Hacker (C|EH) to the Certified Penetration Testing Professional (C|PENT); from Certified Application Security Engineer (C|ASE) .Net to Java. But Web Application Hacking and Security goes beyond this to more difficult scenarios as you advance through each problem.

Web Application Hacking and Security is like Capture-The-Flag (CTF) competitions meant to test your hacking skills. But you can keep on trying until you achieve the goal. Test your skills and work alone to solve complex problems or follow the instructor as he does walkthroughs to help you learn Web Application Hacking and Security.

Play. Learn. Hack. Test.

WHAT WILL YOU LEARN?

You will learn about application vulnerabilities and web application hacking. Even though this will prove useful for other CTF contests, and in cracking VVMs, it will be even more useful to your career as you learn to defend your applications and progress to Web Application Hacking and Security.

Advanced Web Application Penetration Testing
Remote File Inclusion (RFI)
Advanced SQL Injection (SQLi)
Reflected, Stored and DOM-based Cross Site Scripting (XSS)
Cross Site Request Forgery (CSRF) – GET and POST Methods
Server-Side Request Forgery (SSRF)
Security Misconfigurations
Directory Browsing/Bruteforcing
CMS Vulnerability Scanning
Network Scanning
Auth Bypass
Web App Enumeration
Dictionary Attack
Insecure Direct Object Reference Prevention (IDOR)
Broken Access Control
Local File Inclusion (LFI)
Arbitrary File Download
Arbitrary File Upload
Using Components with Known Vulnerabilities
Command Injection
Remote Code Execution
File Tampering
Privilege Escalation
Log Poisoning
Weak SSL Ciphers
Cookie Modification
Source Code Analysis
HTTP Header modification
Session Fixation
Clickjacking

Learn by doing. Don’t rely on the walkthroughs; challenge yourself and see how far you can get.

BREAK THE CODE

Challenge yourself and hack your way to greatness

You will encounter security misconfigurations, SQL injection vulnerabilities, directory browsing vulnerabilities, enumeration vulnerabilities, and opportunities to escalate privileges and gain access to privileged information. Each section of ‘Break the Code’ brings progressively more difficult challenges. There are always multiple paths to take, but few will get you the prize and move you up the leader board.

Beginner: 6 Challenges, 60 Minutes, 60 Points
Intermediate: 6 Challenges, 120 Minutes, 250 Points
Proficient: 8 Challenges, 320 Minutes, 400 Points
Expert: 4 Challenges, 240 Minutes, 400 Points
Total: 1110 Points

Watch your name rise on the leader board, a place where you’ll see who’s cracking the most challenges, who’s making the most progress, who’s cranking out the h@ck!

WHO SHOULD ATTEND?

If you are tasked with implementing, managing, or protecting web applications, then this course is for you. If you are a cyber or tech professional who is interested in learning or recommending mitigation methods to a myriad of web security issues and want a pure hands-on program, then this is the course you have been waiting for.

Penetration Tester
Ethical Hacker
Web Application Penetration Tester
Security Engineer/Auditor
Red Team Engineer
Information Security Engineer
Risk/Vulnerability Analyst
Vulnerability Manager
Incident Responder

EXAM OVERVIEW

A fully online, remotely proctored practical exam that challenges candidates through a grueling 6-hour performance-based, hands-on exam. The exam assesses candidates’ skills and proficiencies on a broad spectrum of OWASP Top-10 web application vulnerabilities and attack vectors. The assessment is not limited to only the understanding of automated exploitation frameworks but requires a deep understanding of various web application technologies, their inherent and acquired vulnerabilities, and manual exploitation techniques.

CERTIFICATION

The exam focuses on candidates’ proficiencies in performing a web application security assessment in real-life stressful scenarios. Candidates who score more than 60% will earn the Certified Web Application Security Associate certification, candidates who score more than 75% will be awarded the Certified Web Application Security Professional certification, and candidates who score more than 90% attain the prestigious Certified Web Application Security Expert certification!

60%: ASSOCIATE
75%: PROFESSIONAL
90%: EXPERT

The Web Application Hacking and Security exam dashboard will be available for 30 days from time of activation. Launch your Exam Dashboard when you are ready to take on the exam.

You will need to schedule the exam sessions and clear the exam from the Exam Dashboard within the validity period of 30 days.

You will need a host machine with a virtual machine running your penetration testing toolkit to take the exam. Please read the Host System Requirement and Virtual Machine Resource Requirement carefully.
