TECH TRAINING 7 – EXTREME WEB HACKING

________________

OVERVIEW

Extreme Web Hacking is a brand new class designed with one goal in mind – achieving mastery over web application penetration testing. We begin where other web hacking classes leave off. We are here to take your web hacking skills to the next level by putting you through challenging real-world application scenarios.

Extreme Web Hacking is all about working your way through problems and challenges faced in the real world. Nested SQL Injection, Privilege Escalation, Practical Clickjacking, OS access through DB injection, WAF evasion, Advanced XSS payloads, XSS Filter Evasion, Multi-level encoding, AJAX Hacking, Dynamic Protocol Rewriting, and other such topics shall be covered with practical hands-on hacking examples.

The class is centered around a set of applications with progressively increasing degrees of complexity found in today’s real world scenarios. Bulk of the class time shall be spent in lab exercises. Participants in this class shall be required to work individually or in teams to attack and compromise one tricky application after another. After the lab sessions, you shall think twice before reporting a vulnerability as “Not Exploitable”.

The class is taught by instructors who are expert penetration testers having a vast experience from testing hundreds of complex applications. Finally, Extreme Web Hacking is not for the faint of heart. The class features an intermediate to advanced level of complexity and is recommended for participants who have had some prior experience in web hacking. Do you want to become an expert web hacker? Then this class is for you!

KEY LEARNING OBJECTIVES

• A deeper look at HTTP – protocols, data encoding, oddities and anomalies

• The web hacker’s workbench – taking commonly used web hacking tools to the next level with automated scripting

• Advanced Input Tampering

• Practical challenges with SQL Injection – Sub-queries, Nested injection, Blind injection, Filter evasion

• Data exfiltration through SQL Injection

• Practical host OS access through SQL Injection and privilege escalation

• Understanding Browser anomalies – characteristic differences between browser engines

• Advanced XSS payloads – practical attacks

• DOM exfiltration through XSS attacks

• Bypassing XSS filters – server side filters and client side filters

• Attacking rich client interfaces – AJAX, Flash, Websockets, HTML5 local storage

• WAF evasion and bypass – practical exercises

• Fun with HTTP – HTTP Parameter Pollution, Multipart-MIME inputs, abusing redirects

• Deeper client side attacks – CSRF, Clickjacking, open URL redirection, session fixation

• Deeper server side attacks – practical LFI, RFI, XPATH injection, File upload bypasses, Web Services, REST attacks

• Customizing, scripting and chaining tools such as BURP suite, SQLmap and OWASP ZAP.

• THINKING OUT OF THE BOX!

WHO SHOULD ATTEND

• Pen-testers, Security analysts, Security auditors, who want to go above and beyond just using scanners and automated tools.

• Members of Red Teams who want to proactively find vulnerabilities with their internal web applications.

• Members of internal product security groups, who want to pen-test and exploit custom built applications.

• Official and unofficial cyber warfare units.

• Just about anyone curious about web hacking!

PREREQUISITES

• An understanding of HTTP and web based applications

• Have prior understanding OWASP Top Ten threats

• Have tried their hands at web hacking

• Be familiar with coding in any programming language (Java / ASP.NET / PHP / C#)

• Have exposure to scripting languages such as Perl, Python and Ruby

• Not be allergic to command-line tools

• Have an open mind and a working laptop

COURSE AGENDA

DAY 1

• Introduction – A deeper look at HTTP

• Advanced Input Tampering

• Practical challenges with SQL Injection– Sub-queries, Nested injection, Blind injection, Filter evasion, Data exfiltration, Host OS access, Privilege Escalation

• Challenge Lab 1

• Understanding Browser anomalies

• Advanced XSS payloads – DOM Exfiltration, XSS Filter Bypass

• Advanced Payload Encoding Tricks

• WAF evasion and bypass

• Challenge Lab2

DAY 2

• Server side attacks – practical LFI, RFI, XPATH injection, File upload bypasses, Web Services, REST attacks

• Fun with HTTP – HTTP Parameter Pollution, Multipart-MIME inputs, abusing redirects

• Challenge Lab3

• Client side attacks – CSRF, Clickjacking, open URL redirection, session fixation

• Attacking rich client interfaces – AJAX, Flash, Websockets, HTML5 local storage

• Customizing, scripting and chaining tools such as BURP suite, SQLmap and OWASP ZAP.

• Capture the Flag

HARDWARE / SOFTWARE REQUIREMENTS

• A working laptop with Intel Core 2 Duo or superior x86/x64 hardware

• 4GB RAM required, 8GB RAM preferred

• Wireless network card

• 20 GB free Hard disk space

•  VMware Player / Workstation / Fusion (for Mac OS X)

ABOUT THE TRAINERS

Aditya Modha (Principal, Net-Square)

Aditya Modha, is a Principal Analyst at Net-Square focused on web application and mobile security penetration testing. He is a seasoned trainer and has conducted a number of training sessions and workshops on attacking applications as well as secure coding practices. He has hacked hundreds of applications and frameworks throughout his career and enjoyed many “shells”.

Aditya is a computer science graduate and a Microsoft Certified Technology Specialist. His inspiration for joining the world of information security comes from “Live Free or Die Hard”.

Rohan Braganza (Senior Analyst, Net-Square)

Rohan Braganza (CEH, CCNA, CCNA Security) is a senior security analyst at Net-Square. He has extensive experience in conducting vulnerability assessment and penetration tests on applications as well as networks. He is well versed with applications in the financial sector and focuses on defeating business logic. Rohan has a sound background of C++ programming and developing mobile applications. In his spare time, he keeps working on his GPU cluster password cracker.