Course Content
Web Security Overview
Different Web Security Standards
Typical Web Security Vulnerabilities
- Broken Authentication & session management, Broken Access control, Injection Flaws, Cross Site Scripting, Cross Site Request Forgery, Hidden Field Manipulation, Insecure Storage, Improper session and cookie management, Denial of service, Insecure configuration, Transport level vulnerabilities.
Injection Vulnerabilities
- SQL Injection Vulnerabilities, XPath injection vulnerabilities, Command injection vulnerabilities, XXE injection vulnerabilities, LDAP injection vulnerabilities. Setting and Parsing Cookies Vulnerabilities.
Cross Site Vulnerabilities
- Cross Site Scripting vulnerabilities, Cross Site Request Forgery vulnerabilities. Input validation Flaws vulnerabilities, Buffer Overflow Flaws vulnerabilities, Improper Error/Exception Handling vulnerabilities, Improper Access Management vulnerabilities, Denial of Service Vulnerabilities. Improper configuration vulnerabilities.
Web Security Vulnerabilities Remediation Methods & Techniques
Security Scanning and Testing
- Security Vulnerability Scans and Code Review objective
Scanning and Testing Approach/Process
- Security Vulnerability scanning and Testing, Penetration Testing, Manual Vulnerability Testing
Web Security Scanning and Testing Approach with usage of different tools
Unit Testing Using Different Web Security Testing tools
- Security Testing Tools