Quality Assurance processes usually verify that the system meets its functional and non-functional requirements, but they do not verify the security aspects of the product.
This course is designed to teach QA personnel how to test for major security vulnerabilities and identify security bugs as part of standard QA testing, acting as the last line of defense before the product is delivered to the customer. Its objectives are to teach QA personnel about application security vulnerabilities and how to perform security testing, thereby increasing the number and quality of test cases the tester can perform.
The course introduces the tools and methods an auditor should use to find vulnerabilities efficiently while reducing the false positive / false negative rate.
Site mapping & web crawling
Server & application fingerprinting
Identifying the entry points
File extensions handling
Page enumeration and brute forcing
Comments in code – view source
Looking for leftovers and backup files
Analysis of error code
What is authentication?
Guessing passwords – brute force & dictionary attacks
Weak password policy
Direct page requests
Password reset flaws
Password change flaws
Locking out users
Lack of SSL at login pages
Bypassing weak CAPTCHA mechanisms
Login without SSL
What is authorization?
Rendering based authorization
Client side validation attacks
Insecure direct object reference
Business Logic Attacks
Business logic attacks
Abuse of functionality
Insecure File Handling
Uploaded files backdoors
Insecure file extension handling
Improper Input Validation Vulnerabilities
Common implementation mistakes – authentication bypassing using SQL Injection
Cross Site Scripting (XSS)
Reflected vs. stored XSS
Special chars – ‘ & < >, empty
Session & Browser Manipulation Attacks
Session management techniques
Cookie based session management
Cookies – secrets in cookies, tampering
Exposed session variables
Missing Attributes – HttpOnly, Secure
Session validity after logoff
Long session timeout
Session keep alive – enable/disable
Session ID rotation
Cross Site Request Forgery (CSRF)
Background knowledge in information systems
Background knowledge in networking, internet and the World Wide Web (WWW)
Basic knowledge of web applications & programming concepts