SEC542: Cyber Security Training at SANS Network Security Las Vegas 2024
Provided by SANS
What You Will Learn
If your organization does not properly test and secure its web applications, adversaries can compromise these apps, damage business functionality, and steal data. Unfortunately, many organizations operate under the mistaken impression that a web application security scanner will reliably discover flaws in their systems.
SEC542 helps students move beyond push-button scanning to professional, thorough, high-value web application penetration testing.
Customers expect web applications to provide significant functionality and data access. Even beyond the importance of customer-facing web applications, internal web applications increasingly represent the most commonly used business tools within any organization. Unfortunately, there is no "patch Tuesday" for custom web applications, so major industry studies find that web application flaws play a major role in significant breaches and intrusions. Adversaries increasingly focus on these high-value targets, either by directly abusing public-facing applications or by focusing on web apps as targets after an initial break-in.
SEC542 enables students to assess a web application's security posture and convincingly demonstrate the business impact should attackers exploit discovered vulnerabilities.
Modern cyber defense requires a realistic and thorough understanding of web application security issues. Anyone can learn to sling a few web hacks, but effective web application penetration testing requires something deeper.
SEC542 gives novice students the information and skills to become, with practice, expert penetration testers, and it fills in the foundational gaps for individuals who already have some penetration testing background.
Students will come to understand common web application flaws, as well as how to identify and exploit them, focusing on the potential business impact. The course guides students through a proven, repeatable process tailored for comprehensive web application assessments. This systematic approach equips students with skills for conducting evaluations that not only identify security issues but also demonstrate their implications for business. This course aims to enhance organizational security by building skilled penetration testers. It emphasizes not just the technical aspects of hacking, but also the importance of thorough documentation and reporting to convey the significance of web application vulnerabilities.
In addition to high-quality course content, SEC542 focuses heavily on in-depth, hands-on labs and a capstone Capture-the-Flag (CTF) event to ensure that students can immediately apply all they learn.
In addition to walking students through web application penetration testing in more than 30 formal hands-on labs, the course culminates in a web application pen test tournament powered by the SANS NetWars cyber range. This Capture-the-Flag event groups students into teams to apply their newly acquired command of web application penetration testing techniques in a fun way that hammers home the lessons learned throughout the course.
Course Topics
- Interception Proxies
- ZAP (Zed Attack Proxy)
- BurpSuite Professional
- Common Vulnerabilities
- SSL/TLS Misconfigurations
- Username Harvesting
- Password Spraying
- Authorization Flaws (Direct Object Reference)
- Command Injection
- SQL Injection
- Cross-Site Scripting (XSS)
- Server-Side Request Forgery (SSRF)
- Insecure Deserialization
- XML External Entities (XXE)
- Local and Remote File Inclusion (LFI / RFI)
- Cross-Site Request Forgery (CSRF)
- Logic Flaws
- Information Gathering
- Target Profiling
- Application Discovery
- Virtual Host Discovery
- Vulnerability Scanning
- Authentication and Authorization
- Session Management Flaws
- Automated Exploitation
- Apply a repeatable methodology to deliver high-value penetration tests
- Discover and exploit key web application flaws
- Explain the potential impact of web application vulnerabilities
- Convey the importance of web application security to an overall security posture
- Wield key web application attack tools efficiently
- How to write web application penetration test reports
- Apply OWASP's methodology to your web application penetration tests to ensure they are consistent, reproducible, rigorous, and under quality control.
- Assess both traditional server-based web applications and modern AJAX-heavy applications that interact with APIs.
- Analyze the results from automated web testing tools to validate findings, determine their business impact, and eliminate false positives.
- Manually discover key web application flaws.
- Use Python to create testing and exploitation scripts during a penetration test.
- Discover and exploit SQL Injection flaws to determine true risk to the victim organization.
- Understand and exploit insecure deserialization vulnerabilities with ysoserial and similar tools.
- Craft configurations and test payloads for other web attacks.
- Fuzz potential inputs for injection attacks with ZAP, Burp's Intruder and ffuf.
- Explain the impact of exploitation of web application flaws.
- Analyze traffic between the client and the server application using tools such as the Zed Attack Proxy and BurpSuite Pro to find security issues.
- Leverage resources, such as the browser's developer tools, to assess findings within the client-side application code.
- Manually discover and exploit vulnerabilities such as Command Injection, Cross-Site Request Forgery (CSRF), Server-Side Request Forgery (SSRF), and more.
- Learn strategies and techniques to discover and exploit blind injection flaws.
- Use the Browser Exploitation Framework (BeEF) to hook victim browsers, attack client software and the network, and evaluate the potential impact that XSS flaws have within an application.
- Use the Nuclei tool to perform scans of target web sites/servers.
- Perform two complete web penetration tests, one during the first five sections of course instruction, and the other during the Capture the Flag exercise.
SANS SEC542 employs hands-on labs throughout the course to further students' understanding of web application penetration concepts. Some of the many hands-on labs in the course include:
- Introducing Interception Proxies
- DNS Harvesting and Virtual Host Discovery
- Authentication Bypass
- BurpSuite Pro's Sequencer
- Insecure Deserialization
- Reflected and Persistent XSS Attacks
- DOM-Based XSS Attacks
- Spidering and Forced Browsing
- Testing HTTPS
- Fuzzing
- Vulnerability Scanning
- WPScan
- SQL Injection
- Blind SQL Injection
- Server-Side Request Forgery
- CSRF Exploitation
- XML External Entities
- File Upload and Webshells
- Metasploit for Web Application Attacks
- Leveraging the sqlmap tool
- BeEF and Browser Exploitation
- Username Harvesting
- Password Guessing Attacks
- JSON Web Token (JWT) Attacks
- Flask Session Cookies
- HTML Injection
- Remote File Inclusion
- Local File Inclusion
- OS Command Injection
- Drupalgeddon and Drupalgeddon 2 Exploitation
- Python for Web Application Pen Testers
- Troubleshooting when automated tools fail
- Extensive use of both BurpSuite Pro and ZAP throughout the course
- Course media that includes both web application attack tools and many vulnerable web applications for testing and training within the classroom and beyond
- Audio recordings of the course to review material after class
- A custom virtual machine tailored specifically for web application penetration testing, with all labs installed locally so they can be repeated even after the course