SANS SEC542: Web App Penetration Testing and Ethical Hacking

In the web penetration testing course SANS SEC542: Web App Penetration Testing and Ethical Hacking, offered by SANS, you will become familiar with web concepts and protocols, methods of gathering information about a web target, methods of obtaining a website's username and password, the various types of injection such as SQL Injection, LFI, RFI and others, XSS and XXE vulnerabilities, the CSRF vulnerability, and web penetration testing software. The certification for this course is GWAPT; after obtaining the GWAPT certification, individuals will be able to perform penetration tests of web applications.

Download link for the SANS SEC542: Web App Penetration Testing and Ethical Hacking 2019 course


Size: 4.27 GB

Download – PDF
Download – Video – Part 1
Download – Video – Part 2
Download – Video – Part 3
Download – Video – Part 4
Download – Video – Part 5

File password:

Web applications play a vital role in every modern organization. But, if your organization does not properly test and secure its web apps, adversaries can compromise these applications, damage business functionality, and steal data. Unfortunately, many organizations operate under the mistaken impression that a web application security scanner will reliably discover flaws in their systems.

SEC542 helps students move beyond push-button scanning to professional, thorough, high-value web application penetration testing.

Customers expect web applications to provide significant functionality and data access. Even beyond the importance of customer-facing web applications, internal web applications increasingly represent the most commonly used business tools within any organization. Unfortunately, there is no “patch Tuesday” for custom web applications, so major industry studies find that web application flaws play a major role in significant breaches and intrusions. Adversaries increasingly focus on these high-value targets either by directly abusing public-facing applications or by focusing on web apps as targets after an initial break-in.

Modern cyber defense requires a realistic and thorough understanding of web application security issues. Anyone can learn to sling a few web hacks, but effective web application penetration testing requires something deeper.

SEC542 enables students to assess a web application’s security posture and convincingly demonstrate the business impact should attackers exploit the discovered vulnerabilities.

Students will come to understand common web application flaws, as well as how to identify and exploit them with the intent of demonstrating the potential business impact. Along the way, students follow a field-tested and repeatable process to consistently find flaws. Information security professionals often struggle with helping organizations understand risk in terms relatable to business. Executing awesome hacks is of little value if an organization does not take the risk seriously and employ appropriate countermeasures. The goal of SEC542 is to better secure organizations through penetration testing, and not just show off hacking skills. The course will help students demonstrate the true impact of web application flaws not only through exploitation but also through proper documenting and reporting.

In addition to high-quality course content, SEC542 focuses heavily on in-depth, hands-on labs to ensure that students can immediately apply all they learn.

In addition to walking students through a web application penetration test using more than 30 formal hands-on labs, the course culminates in a web application pen test tournament, powered by the SANS NetWars Cyber Range. This Capture the Flag event on the final day brings students together in teams to apply their newly acquired command of web application penetration testing techniques in a fun way that hammers home the lessons learned.

You Will Learn:

  • To apply a repeatable methodology to deliver high-value penetration tests.
  • How to discover and exploit key web application flaws.
  • How to explain the potential impact of web application vulnerabilities.
  • The importance of web application security to an overall security posture.
  • How to wield key web application attack tools more efficiently.
  • How to write web application penetration test reports.

You Will Be Able To

  • Apply OWASP’s methodology to your web application penetration tests to ensure they are consistent, reproducible, rigorous, and under quality control.
  • Analyze the results from automated web testing tools to validate findings, determine their business impact, and eliminate false positives.
  • Manually discover key web application flaws.
  • Use Python to create testing and exploitation scripts during a penetration test.
  • Discover and exploit SQL Injection flaws to determine true risk to the victim organization.
  • Understand and exploit insecure deserialization vulnerabilities with ysoserial and similar tools.
  • Create configurations and test payloads within other web attacks.
  • Fuzz potential inputs for injection attacks.
  • Explain the impact of exploitation of web application flaws.
  • Analyze traffic between the client and the server application using tools such as the Zed Attack Proxy and BurpSuite Pro to find security issues within the client-side application code.
  • Manually discover and exploit Cross-Site Request Forgery (CSRF) attacks.
  • Use the Browser Exploitation Framework (BeEF) to hook victim browsers, attack client software and the network, and evaluate the potential impact that XSS flaws have within an application.
  • Perform two complete web penetration tests, one during the five days of course instruction, and the other during the Capture the Flag exercise.

Course Topics

  • Interception Proxies
    • ZAP (Zed Attack Proxy)
    • BurpSuite Professional
  • Common Vulnerabilities
    • SSL/TLS misconfigurations
    • Username harvesting
    • Command Injection
    • SQL Injection
    • Cross-Site Scripting (XSS)
    • Insecure Deserialization
    • XML External Entities (XXE)
    • Local and Remote File Inclusion (LFI / RFI)
    • Cross-Site Request Forgery (CSRF)
  • Open Source Intelligence (OSINT)
  • Target Profiling
  • Application Discovery
  • Authentication and Authorization
  • Session Management Flaws
  • Automated Exploitation

Hands-On Training

SANS SEC542 employs hands-on labs throughout the course to further students’ understanding of web application penetration concepts. Some of the many hands-on labs in the course include:

  • DNS Harvesting and Virtual Host Discovery
  • Authentication Bypass
  • Heartbleed Exploitation
  • Insecure Deserialization
  • Reflected and Persistent XSS Attacks
  • DOM-Based XSS Attacks
  • Spidering and Forced Browsing
  • WPScan
  • SQL Injection
  • Blind SQL Injection
  • CSRF Exploitation
  • XML External Entities
  • Metasploit for Web Application Attacks
  • Exploiting Shellshock
  • Leveraging the sqlmap tool
  • BeEF and Browser Exploitation
  • Username Harvesting
  • Password Guessing Attacks
  • HTML Injection
  • Remote File Inclusion
  • Local File Inclusion
  • OS Command Injection
  • Drupalgeddon and Drupalgeddon 2 Exploitation
  • BurpSuite Professional Scanner
  • Python for Web Application Pen Testers
  • Troubleshooting when automated tools fail
  • Extensive use of both BurpSuite Pro and ZAP throughout the course

What You Will Receive

  • Course media that includes both web application attack tools, as well as many vulnerable web applications for testing and training within the classroom and beyond
  • Audio recordings of the course to review material after class
  • A custom virtual machine tailored specifically for web application penetration testing, with all labs installed locally so they can be repeated even after the course

GIAC Web Application Penetration Tester

The GIAC Web Application Penetration Tester (GWAPT) certification validates a practitioner’s ability to better secure organizations through penetration testing and a thorough understanding of web application security issues. GWAPT certification holders have demonstrated knowledge of web application exploits and penetration testing methodology.

  • Web application overview, authentication attacks, and configuration testing
  • Web application session management, SQL injection attacks, and testing tools
  • Cross-site request forgery and scripting, client injection attacks, reconnaissance and mapping
5 Comments
  1. نیما says

    Is there anyone better than you?
    Well done!

  2. farbod says

    Hello, the download link is broken.

    1. technet24 says

      Please check again.

      1. farbod says

        It's fixed, thanks for the tutorials you post. If possible, please also post SEC 560, SEC 660 and SEC642.
        Thank you

  3. حامد says

    Hello, in the course a VM is introduced in which the exercises are done, and Sec itself designed it. That VM is not in the files. So how are we supposed to do the exercises and solutions?


آدرس ایمیل شما منتشر نخواهد شد.