About the course
Who Should Attend?
Web App Developers, Web Site Admins, Auditors, Cyber Security Experts.
Basic knowledge of web technologies.
• Information gathering
• Configuration management flaws
• Input / output manipulation
- Cross Site Scripting (XSS)
- Injection flaws: SQL Injection, OS command injection etc.
• User authentication flaws
• Authorization flaws
• Session management flaws
- Session fixation
- Session hijacking
- Cross Site Request Forgery (CSRF)
• Application logic
• Log management
• Failure management
• Secure application management
Attendees will learn the important security components of HTTP-based applications, the most common mistakes, how to avoid making these mistakes, and how to ensure sustainable application security.