This document provides an overview of a web application security course. The course covers topics such as HTTP and HTTPS protocols, encoding techniques, profiling applications, attacking authentication and authorization, cryptography weaknesses, session management, cross-site scripting, SQL injection, cross-site request forgery, URL redirection attacks, input validation, server configuration issues, attacking the web server, OWASP Top 10 risks, security scanners, risk assessment, and pentest reports. The course aims to teach students how to identify vulnerabilities in web applications and secure them.

1. Web Application Security
Course Overview
Satish.B
Email:
satishb3@securitylearn.net

2. Course Content
History of web application
Introduction to web application architecture
Uniform Resource Locator (URL)
HTTP
Introduction
HTTP Methods
WEBDAV methods
Request/Response analysis
Security problems with http
HTTPS
Handshake protocol
Record protocol
Proxy
Man in the middle attack
Tools: Burp proxy, Paros proxy, web scarab
Encoding Techniques
URL Encoding
HTML Encoding
Unicode Encoding
Tools: Burp decoder
Profiling Application
Spiders, crawlers
Search engine discovery
Banner Grabbing
Robots.txt
Analysis of error codes
Tools: HttpPrint, netcraft
Attacking Authentication
Authentication Types
Brute force attacks
Analyzing Auto complete options
Insecure credential transmission
Session puzzle attacks
Authentication bypass techniques
Shoulder surfing
2 http://www.securitylearn.net

3. CAPTCHA Rebinding attacks
Countermeasures
Tools: Bruter, Burp Repeater, Burp Intruder
Attacking Authorization
Authorization types
Parameter tampering
Horizontal privilege escalation
Vertical privilege escalation
Referrer spoofing
Cryptography weakness
Symmetric cryptography
Asymmetric cryptography
Substitution cipher
Stream cipher
Block cipher
Steganography
SSL cipher testing
Cracking hashes
Padding oracle attack
Cracking ECB encryption
Tools: SSLDigger, MD5 crack
Attacking Session management
Introduction
Secure flag
HTTPOnly flag
Cookie Domain & Path
Session Token analysis
Session fixation
Cookie transmission mechanisms
Tools: Burp sequencer
Timeout issues
Cross site scripting attacks
Same origin policy
Reflective XSS
Stored XSS
DOM based XSS
Anatomy of XSS
Exploitation
Impact of XSS
XSS Shell
3 http://www.securitylearn.net

4. XSS & Metasploit
Black list/White list
Input validation
Output encoding
Remediation
Tools: Beef
SQL injection
Error based SQLi
Blind SQLi
SQLi exploitation
Data extraction with UNION queries
Data extraction with inference techniques
Command execution with SQLi
Impact of SQLi
Remediation
Stored procedures Vs Parameterized queries
Tools: SQLMap, Absinthe
Cross site request forgery
Anatomy of CSRF
Remediation
CAPTCHA Rebinding attack
Tool: CSRFTester
URL Redirection attacks
Phishing attacks
Remediation
HTTP Response splitting
Cache positioning
Command execution
Input validation attacks
File Uploads
Path traversal attacks
Local file inclusions
Remote file inclusions
Command Execution
Remediation Techniques
Server Configuration issues
WEBDAV methods
Caching vulnerabilities
Directory listing
4 http://www.securitylearn.net

5. Attacking Web Server
Denial of service attacks
Buffer over flows
Remediation
OWASP Top10 web application risks
Scanners
Usage of tools
Pros, Cons & Problems with scanners
IBM- AppScan
HP- WebInspect
Risk Assessment
OWASP Risk Rating methodology
Pentest Reports
Executive reports
Detailed reports
Web Application Security Checklist
Contact
Satish B
Email: satishb3@securitylearn.net
satishb3@hotmail.com
5 http://www.securitylearn.net