SEC542: Web App Penetration Testing and Ethical Hacking
SEC542: Web App Penetration Testing and Ethical Hacking Training (GWAPT)
SEC542 enables students to assess a web application’s security posture and convincingly demonstrate the business impact should attackers exploit the discovered vulnerabilities. You will practice the art of exploiting web applications to find flaws in your enterprise’s web apps. You’ll learn about the attacker’s tools and methods and, through detailed hands-on exercises, you will learn a best practice process for web application penetration testing, inject SQL into back-end databases to learn how attackers exfiltrate sensitive data, and utilize cross-site scripting attacks to dominate a target infrastructure.
30+ Hands-on Labs
Training at a glance
Level
Intermediate
Duration
6 Days
Experience
4 years: IT & Security
Average Salary
$110,000
Labs
Yes
Training Details
Course Topics
- Interception Proxies
- ZAP (Zed Attack Proxy)
- BurpSuite Professional
- Common Vulnerabilities
- SSL/TLS Misconfigurations
- Username Harvesting
- Password Spraying
- Authorization Flaws (Direct Object Reference)
- Command Injection
- SQL Injection
- Cross-Site Scripting (XSS)
- Server-Side Request Forgery (SSRF)
- Insecure Deserialization
- XML External Entities (XXE)
- Local and Remote File Inclusion (LFI / RFI)
- Cross-Site Request Forgery (CSRF)
- Logic Flaws
- Information Gathering
- Target Profiling
- Application Discovery
- Virtual Host Discovery
- Vulnerability Scanning
- Authentication and Authorization
- Session Management Flaws
- Automated Exploitation
You will be able to:
- Apply OWASP's methodology to your web application penetration tests to ensure they are consistent, reproducible, rigorous, and under quality control.
- Assess both traditional server-based web applications and modern AJAX-heavy applications that interact with APIs.
- Analyze the results from automated web testing tools to validate findings, determine their business impact, and eliminate false positives.
- Manually discover key web application flaws.
- Use Python to create testing and exploitation scripts during a penetration test.
- Discover and exploit SQL Injection flaws to determine true risk to the victim organization.
- Understand and exploit insecure deserialization vulnerabilities with ysoserial and similar tools.
- Create configurations and test payloads within other web attacks.
- Fuzz potential inputs for injection attacks with ZAP, Burp's Intruder and ffuf.
- Explain the impact of exploitation of web application flaws.
- Analyze traffic between the client and the server application using tools such as the Zed Attack Proxy and BurpSuite Pro to find security issues.
- Leverage resources, such as the browser's developer tools, to assess findings within the client-side application code.
- Manually discover and exploit vulnerabilities such as Command Injection, Cross-Site Request Forgery (CSRF), Server-Side Request Forgery (SSRF), and more.
- Learn strategies and techniques to discover and exploit blind injection flaws.
- Use the Browser Exploitation Framework (BeEF) to hook victim browsers, attack client software and the network, and evaluate the potential impact that XSS flaws have within an application.
- Use the Nuclei tool to perform scans of target web sites/servers.
- Perform two complete web penetration tests, one during the first five sections of course instruction, and the other during the Capture the Flag exercise.
Lesson 1: Introduction and Information Gathering
Lesson 2: Fuzzing, Scanning, Authentication, and Session Testing
Lesson 3: Injection
Lesson 4: XSS, SSRF, and XXE
Lesson 5: CSRF, Logic Flaws and Advanced Tools
Lesson 6: Capture the Flag
Hands-On Cybersecurity Training
- Introducing Interception Proxies
- DNS Harvesting and Virtual Host Discovery
- Authentication Bypass
- BurpSuite Pro's Sequencer
- Insecure Deserialization
- Reflected and Persistent XSS Attacks
- DOM-Based XSS Attacks
- Spidering and Forced Browsing
- Testing HTTPS
- Fuzzing
- Vulnerability Scanning
- WPScan
- SQL Injection
- Blind SQL Injection
- Server-Side Request Forgery
- CSRF Exploitation
- XML External Entities
- File Upload and Webshells
- Metasploit for Web Application Attacks
- Leveraging the sqlmap tool
- BeEF and Browser Exploitation
- Username Harvesting
- Password Guessing Attacks
- JSON Web Token (JWT) Attacks
- Flask Session Cookies
- HTML Injection
- Remote File Inclusion
- Local File Inclusion
- OS Command Injection
- Drupalgeddon and Drupalgeddon 2 Exploitation
- Python for Web Application Pen Testers
- Troubleshooting when automated tools fail
- Extensive use of both BurpSuite Pro and ZAP throughout the course
- General security practitioners
- Penetration testers
- Ethical hackers
- Web application developers
- Website designers, architects, and developers
NICE Framework Work Roles:
- Security Control Assessor (OPM 612)
- Software Developer (OPM 621)
- Secure Software Assessor (OPM 622)
- System Testing and Evaluation Specialist (OPM 671)
- Information Systems Security Developer (OPM 631)
- Systems Developer (OPM 632)
- Vulnerability Assessment Analyst (OPM 541)
- Pen Tester (OPM 541)
- Exploitation Analyst (OPM 121)
- Target Developer (OPM 131)
- Cyber Ops Planner (OPM 332)
SEC542 assumes students have a basic working knowledge of the Linux command line.
Courses that lead into SEC542:
- SEC504: Hacker Tools, Techniques, and Incident Handling
- SEC560: Enterprise Penetration Testing
- SEC565: Red Team Operations and Adversary Emulation
Courses that are good follow-ups to SEC542:
- SEC575: Mobile Device Security and Ethical Hacking
- SEC588: Cloud Penetration Testing
Depending on your current role or future plans, one of these courses is a great next step in your cybersecurity journey:
Pen Testing & Cloud:
- SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking
- SEC588: Cloud Penetration Testing
Red Team:
- SEC565: Red Team Operations and Adversary Emulation
- SEC670: Red Teaming Tools - Developing Windows Implants, Shellcode, Command and Control
Purple Team:
- SEC598: Security Automation for Offense, Defense, and Cloud
- SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses
We Offer More Than Just SANS Training
Our successful training results keep our corporate and military clients returning. That’s because we provide everything you need to succeed. This is true for all of our courses.
Strategic Planning & Project Management
From Lean Six Sigma to Project Management Institute Project Management Professional, Agile and SCRUM, we offer the best-in-class strategic planning and project management training available. Work closely with our seasoned multi-decade project managers.
IT & Cybersecurity
ATA is the leading OffSec and Hack the Box US training provider, and a CompTIA and EC-Council award-winning training partner. We offer the best offensive and defensive cyber training to keep your team ahead of the technology skills curve.
Leadership & Management
Let us teach your team the high-level traits and micro-level tools & strategies of effective 21st-century leadership. Empower your team to play to each other’s strengths, inspire others, and build a culture that values communication, authenticity, and community.