Bespoke course for GK/Kirstee Taylor
Module. Injection
Understanding untrusted data
Looking at the interpreter
Analysing Injection flaws
Performing SQL and NoSQL injection
Operating System injection
Executing LDAP injection
Module. Broken Authentication
Understanding Application functions related to authentication
Understanding application functions related to session management
Compromising passwords
Understanding the role of key and session tokens
Exploiting implementation flaws to assume other users' identities
Temporary or permanent compromise
Module. Sensitive Data Exposure
Properly protect sensitive data
How to steal or modify weakly protected data
Using encryption at rest
Using encryption in transit
Understanding the special precautions when data are exchanged with the browser
Module. External Entities (XXE)
The source of the problem
Using poorly configured XML processors
Evaluate external entity references within XML documents
Disclose internal files using the file URI handler
Disclosing internal file shares
Executing internal port scanning, remote code execution, and denial of service attacks
How to prevent XXE
Module. Broken Access Control
Understanding the problem
Evaluating restrictions on what authenticated users are allowed to do
The flaws of missing enforcement
Access unauthorized functionality and/or data
View sensitive files
Modify other users’ data
Change access rights
Module. Security Misconfiguration
Using insecure default configurations
Understanding incomplete or ad hoc configurations
The problem of misconfigured HTTP headers
Disclosing verbose error messages containing sensitive information.
Patching/upgrading operating systems, frameworks, libraries, and applications
Module. Cross-Site Scripting (XSS)
The origin of XSS flaws
Missing the proper validation or escaping
Create HTML or JavaScript on the fly.
Execute scripts in the victim’s browser
Hijack user sessions
Website defacement
Redirect the user to malicious sites
Module. Insecure Deserialization
The action of serialization/deserialization
The risk of remote code execution
Different types of attack that can result
Understanding replay attack, injection attack, privilege escalation attack
Module. Using Components with Known Vulnerabilities
The application user privilege
Understanding the used components, such as libraries, frameworks, and other software modules
The exploitation of a vulnerable component
Module. Insufficient Logging & Monitoring
The problem of insufficient logging and monitoring
Missing or ineffective incident response